urlscan.io logo urlscan.io
SecurityTrails logo

tinhottrongngay360do.blogspot.com Open in urlscan Pro
142.250.186.129  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tinhottrongngay360do.blogspot.com/
Effective URL: https://tinhottrongngay360do.blogspot.com/
Submission: On October 23 via api from QA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 13 countries across 63 domains to perform 404 HTTP transactions. The main IP is 142.250.186.129, located in United States and belongs to GOOGLE, US. The main domain is tinhottrongngay360do.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on October 4th 2021. Valid for: 3 months.
This is the only time tinhottrongngay360do.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 142.250.186.129 15169 (GOOGLE)
5 142.250.185.137 15169 (GOOGLE)
39 172.217.16.130 15169 (GOOGLE)
7 172.217.16.138 15169 (GOOGLE)
2 104.18.10.207 13335 (CLOUDFLAR...)
3 142.250.185.202 15169 (GOOGLE)
5 216.58.212.142 15169 (GOOGLE)
2 142.250.185.225 15169 (GOOGLE)
13 64.185.232.226 18450 (WEBNX)
6 3.228.100.123 14618 (AMAZON-AES)
2 4 173.194.79.137 15169 (GOOGLE)
2 2 142.250.185.174 15169 (GOOGLE)
1 192.99.8.34 16276 (OVH)
4 185.66.200.221 201702 (SKHOSTING-EU)
20 104.19.133.78 13335 (CLOUDFLAR...)
7 136.243.35.166 24940 (HETZNER-AS)
2 157.240.20.19 32934 (FACEBOOK)
12 142.250.185.99 15169 (GOOGLE)
1 19 142.250.185.98 15169 (GOOGLE)
1 216.58.212.130 15169 (GOOGLE)
4 142.250.185.130 15169 (GOOGLE)
22 142.250.74.193 15169 (GOOGLE)
13 142.250.185.170 15169 (GOOGLE)
3 142.250.184.196 15169 (GOOGLE)
6 142.250.81.227 15169 (GOOGLE)
2 74.125.140.157 15169 (GOOGLE)
1 2 91.228.74.134 16509 (AMAZON-02)
1 2 18.184.251.131 16509 (AMAZON-02)
8 31 142.250.185.162 15169 (GOOGLE)
3 3 35.227.252.103 15169 (GOOGLE)
5 5 198.47.127.19 3257 (GTT-BACKB...)
2 3 69.173.144.165 26667 (RUBICONPR...)
3 13.114.212.164 16509 (AMAZON-02)
2 2 142.250.186.46 15169 (GOOGLE)
2 173.194.188.135 15169 (GOOGLE)
2 2 104.111.215.191 16625 (AKAMAI-AS)
4 34.98.67.61 15169 (GOOGLE)
2 173.194.182.74 15169 (GOOGLE)
5 142.250.186.66 15169 (GOOGLE)
7 142.250.185.194 15169 (GOOGLE)
1 3 2.18.234.21 16625 (AKAMAI-AS)
6 142.250.185.134 15169 (GOOGLE)
3 142.250.186.130 15169 (GOOGLE)
2 3 185.33.220.240 29990 (ASN-APPNEX)
3 5 35.244.159.8 15169 (GOOGLE)
2 157.240.20.35 32934 (FACEBOOK)
3 188.65.124.90 41690 (DAILYMOTI...)
1 172.67.137.9 13335 (CLOUDFLAR...)
51 178.79.242.16 22822 (LLNW)
14 188.65.124.59 41690 (DAILYMOTI...)
6 142.250.185.131 15169 (GOOGLE)
3 188.65.124.91 41690 (DAILYMOTI...)
3 2.16.107.64 20940 (AKAMAI-ASN1)
3 188.65.124.38 41690 (DAILYMOTI...)
2 185.66.201.59 201702 (SKHOSTING-EU)
2 185.66.200.127 201702 (SKHOSTING-EU)
2 104.111.242.245 16625 (AKAMAI-AS)
1 52.201.138.78 14618 (AMAZON-AES)
5 5 74.208.203.131 8560 (IONOS-AS ...)
5 7 2.18.232.230 16625 (AKAMAI-AS)
5 5 52.201.15.87 14618 (AMAZON-AES)
1 151.101.193.44 54113 (FASTLY)
2 3 54.87.152.8 14618 (AMAZON-AES)
1 1 185.29.134.244 30419 (MEDIAMATH...)
1 34.232.192.101 14618 (AMAZON-AES)
2 3 185.94.180.125 35220 (SPOTX-AMS)
1 87.248.118.22 203220 (YAHOO-DEB)
3 45.122.220.63 56150 (VHOST-AS-...)
2 2 52.18.11.109 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
1 18.168.50.255 16509 (AMAZON-02)
1 1 217.182.200.29 16276 (OVH)
20 104.19.136.78 13335 (CLOUDFLAR...)
1 3 23.37.42.132 16625 (AKAMAI-AS)
1 23.227.137.178 55081 (24SHELLS)
2 2 35.212.212.222 15169 (GOOGLE)
5 5 3.120.169.248 16509 (AMAZON-02)
1 1 87.98.252.5 16276 (OVH)
1 104.16.199.73 13335 (CLOUDFLAR...)
1 63.33.106.135 16509 (AMAZON-02)
1 104.19.216.61 13335 (CLOUDFLAR...)
1 1 109.206.161.21 50245 (SERVEREL-AS)
2 2 3.123.215.135 16509 (AMAZON-02)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 2 76.223.111.131 16509 (AMAZON-02)
1 104.22.25.87 13335 (CLOUDFLAR...)
2 5 13.32.121.72 16509 (AMAZON-02)
1 69.173.144.139 26667 (RUBICONPR...)
1 1 23.227.139.243 55081 (24SHELLS)
404 71
7    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
tinhottrongngay360do.blogspot.com
5    142.250.185.137 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f9.1e100.net
www.blogger.com
39    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
pagead2.googlesyndication.com
7    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net
fonts.googleapis.com
2    104.18.10.207 (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
ajax.googleapis.com
5    216.58.212.142 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f14.1e100.net
apis.google.com
2    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
2.bp.blogspot.com
3.bp.blogspot.com
13    64.185.232.226 (Los Angeles, United States)

ASN18450 (WEBNX, US)
PTR: 64-185-232-226.static.webnx.com
image-us.24h.com.vn
6    3.228.100.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-100-123.compute-1.amazonaws.com
feed.mikle.com
4    173.194.79.137 (United States)

ASN15169 (GOOGLE, US)
PTR: eg-in-f137.1e100.net
ff8c9329-a-62cb3a1a-s-sites.googlegroups.com
2    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
sites.google.com
1    192.99.8.34 (Richmond Hill, Canada)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net
sstatic1.histats.com
4    185.66.200.221 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.221.skhosting.eu
ylx-1.com
20    104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
7    136.243.35.166 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.166.35.243.136.clients.your-server.de
ad.a-ads.com
static.a-ads.com
2    157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
12    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
19    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads.g.doubleclick.net
1    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
partner.googleadservices.com
4    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
adservice.google.com
22    142.250.74.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net
tpc.googlesyndication.com
13    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
imasdk.googleapis.com
3    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
6    142.250.81.227 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f3.1e100.net
csi.gstatic.com
2    74.125.140.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f157.1e100.net
bid.g.doubleclick.net
2    91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    18.184.251.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-251-131.eu-central-1.compute.amazonaws.com
d.agkn.com
31    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
3    35.227.252.103 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
5    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    13.114.212.164 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-212-164.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
gcdn.2mdn.net
2    173.194.188.135 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s34-in-f7.1e100.net
r2---sn-4g5ednsz.c.2mdn.net
2    104.111.215.191 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
4    34.98.67.61 (United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    173.194.182.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s30-in-f10.1e100.net
r5---sn-4g5e6ns7.c.2mdn.net
5    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
ade.googlesyndication.com
7    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
6    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
s0.2mdn.net
s2.2mdn.net
3    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googletagservices.com
3    185.33.220.240 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
5    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
3    188.65.124.90 (Villepinte, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com
www.dailymotion.com
1    172.67.137.9 (United States)

ASN13335 (CLOUDFLARENET, US)
media.tctshop.com
51    178.79.242.16 (Italy)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net
static1.dmcdn.net
vendorlist.dmcdn.net
s1.dmcdn.net
14    188.65.124.59 (Villepinte, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed2.dm.gg
pebed.dm-event.net
6    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
www.gstatic.com
3    188.65.124.91 (Villepinte, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: st.dc3.dailymotion.com
speedtest.dailymotion.com
3    2.16.107.64 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-64.deploy.static.akamaitechnologies.com
s2.dmcdn.net
3    188.65.124.38 (Villepinte, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: icscale-01-pub-ix7.vip.dailymotion.com
dmxleo.dailymotion.com
2    185.66.201.59 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.59.skhosting.eu
xe9o.xyz
2    185.66.200.127 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.127.skhosting.eu
ylx-i.advertica-cdn2.com
2    104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    52.201.138.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-138-78.compute-1.amazonaws.com
partners.tremorhub.com
5    74.208.203.131 (Wayne, United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: mail29.feedblitz.com
feedads.feedblitz.com
7    2.18.232.230 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-230.deploy.static.akamaitechnologies.com
spsec.feedblitz.com
c.licasd.com
5    52.201.15.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-15-87.compute-1.amazonaws.com
p.liadm.com
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
mb.taboola.com
3    54.87.152.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-152-8.compute-1.amazonaws.com
i.liadm.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    34.232.192.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-192-101.compute-1.amazonaws.com
i6.liadm.com
3    185.94.180.125 (Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    87.248.118.22 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e1.ycpi.vip.deb.yahoo.com
ads.yahoo.com
3    45.122.220.63 (Viet Nam)

ASN56150 (VHOST-AS-VN Viet Solutions Services Trading Company Limited, VN)
cdn.cotavi.vn
2    52.18.11.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    18.168.50.255 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-50-255.eu-west-2.compute.amazonaws.com
ag.innovid.com
1    217.182.200.29 (Poland)

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl
googlecm.hit.gemius.pl
20    104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
3    23.37.42.132 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    23.227.137.178 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
2    35.212.212.222 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
5    3.120.169.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    87.98.252.5 (France)

ASN16276 (OVH, FR)
PTR: ip5.ip-87-98-252.eu
green.erne.co
1    104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
1    63.33.106.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-106-135.eu-west-1.compute.amazonaws.com
s.pubmine.com
1    104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
2    3.123.215.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-215-135.eu-central-1.compute.amazonaws.com
ad.360yield.com
2    185.184.8.65 (Poland)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    76.223.111.131 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    104.22.25.87 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
5    13.32.121.72 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
Apex Domain
Subdomains		 Transfer
66 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
543 KB
59 doubleclick.net
googleads.g.doubleclick.net
bid.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
191 KB
54 dmcdn.net
static1.dmcdn.net
vendorlist.dmcdn.net
s1.dmcdn.net
s2.dmcdn.net
2 MB
40 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
570 KB
24 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
284 KB
23 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
2 MB
14 dm-event.net
pebed.dm-event.net
2 KB
14 google.com
apis.google.com
sites.google.com
adservice.google.com
www.google.com
150 KB
13 24h.com.vn
image-us.24h.com.vn
2 MB
12 2mdn.net
gcdn.2mdn.net
r2---sn-4g5ednsz.c.2mdn.net
r5---sn-4g5e6ns7.c.2mdn.net
s0.2mdn.net
s2.2mdn.net
7 MB
10 feedblitz.com
feedads.feedblitz.com
spsec.feedblitz.com
5 KB
9 liadm.com
p.liadm.com
i.liadm.com
i6.liadm.com
4 KB
9 dailymotion.com
www.dailymotion.com
speedtest.dailymotion.com
dmxleo.dailymotion.com
62 KB
9 blogspot.com
tinhottrongngay360do.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
94 KB
8 openx.net
rtb.openx.net
us-u.openx.net
2 KB
7 rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
12 KB
7 a-ads.com
ad.a-ads.com
static.a-ads.com
757 KB
6 mikle.com
feed.mikle.com
26 KB
5 scorecardresearch.com
sb.scorecardresearch.com
3 KB
5 bidswitch.net
x.bidswitch.net
3 KB
5 pubmatic.com
image6.pubmatic.com
2 KB
5 blogger.com
www.blogger.com
193 KB
4 mookie1.com
odr.mookie1.com
2 KB
4 ylx-1.com
ylx-1.com
5 KB
4 googlegroups.com
ff8c9329-a-62cb3a1a-s-sites.googlegroups.com
869 B
3 cotavi.vn
cdn.cotavi.vn
73 KB
3 spotxchange.com
sync.search.spotxchange.com
2 KB
3 adnxs.com
ib.adnxs.com
3 KB
3 googletagservices.com
www.googletagservices.com
110 KB
3 casalemedia.com
dsum-sec.casalemedia.com
2 KB
3 adingo.jp
cc.adingo.jp
130 B
2 adsrvr.org
match.adsrvr.org
905 B
2 creativecdn.com
creativecdn.com
687 B
2 360yield.com
ad.360yield.com
614 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
759 B
2 adtelligent.com
s.adtelligent.com
sync.adtelligent.com
1 KB
2 rlcdn.com
id.rlcdn.com
889 B
2 everesttech.net
pixel.everesttech.net
750 B
2 licasd.com
c.licasd.com
4 KB
2 teads.tv
sync.teads.tv
344 B
2 advertica-cdn2.com
ylx-i.advertica-cdn2.com
27 KB
2 xe9o.xyz
xe9o.xyz
26 KB
2 facebook.com
www.facebook.com
12 KB
2 addthis.com
e.dlx.addthis.com
1 KB
2 agkn.com
d.agkn.com
1 KB
2 quantserve.com
cms.quantserve.com
798 B
2 facebook.net
connect.facebook.net
79 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com
70 KB
1 zeotap.com
mwzeom.zeotap.com
467 B
1 e-volution.ai
sync.e-volution.ai
463 B
1 lentainform.com
cm.lentainform.com
496 B
1 pubmine.com
s.pubmine.com
286 B
1 idealmedia.io
cm.idealmedia.io
413 B
1 erne.co
green.erne.co
295 B
1 gemius.pl
googlecm.hit.gemius.pl
336 B
1 innovid.com
ag.innovid.com
296 B
1 yahoo.com
ads.yahoo.com
445 B
1 mathtag.com
sync.mathtag.com
641 B
1 taboola.com
mb.taboola.com
251 KB
1 tremorhub.com
partners.tremorhub.com
183 B
1 tctshop.com
media.tctshop.com
106 KB
1 googleadservices.com
partner.googleadservices.com
609 B
1 histats.com
sstatic1.histats.com
163 B
404 63
Domain Requested by
45 static1.dmcdn.net www.dailymotion.com
static1.dmcdn.net
39 pagead2.googlesyndication.com tinhottrongngay360do.blogspot.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
31 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
tinhottrongngay360do.blogspot.com
22 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
tinhottrongngay360do.blogspot.com
pagead2.googlesyndication.com
20 s-img.mgid.com jsc.mgid.com
19 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
tinhottrongngay360do.blogspot.com
14 pebed.dm-event.net www.dailymotion.com
static1.dmcdn.net
13 imasdk.googleapis.com googleads.g.doubleclick.net
www.dailymotion.com
static1.dmcdn.net
imasdk.googleapis.com
13 image-us.24h.com.vn tinhottrongngay360do.blogspot.com
12 fonts.gstatic.com fonts.googleapis.com
9 cm.mgid.com jsc.mgid.com
s.adtelligent.com
7 googleads4.g.doubleclick.net tinhottrongngay360do.blogspot.com
googleads.g.doubleclick.net
7 fonts.googleapis.com tinhottrongngay360do.blogspot.com
googleads.g.doubleclick.net
7 tinhottrongngay360do.blogspot.com 1 redirects tinhottrongngay360do.blogspot.com
www.blogger.com
6 www.gstatic.com static1.dmcdn.net
www.gstatic.com
6 csi.gstatic.com imasdk.googleapis.com
6 feed.mikle.com tinhottrongngay360do.blogspot.com
feed.mikle.com
ajax.googleapis.com
5 sb.scorecardresearch.com 2 redirects jsc.mgid.com
5 x.bidswitch.net 5 redirects
5 p.liadm.com 5 redirects
5 spsec.feedblitz.com 5 redirects
5 feedads.feedblitz.com 5 redirects
5 us-u.openx.net 3 redirects googleads.g.doubleclick.net
5 s0.2mdn.net tinhottrongngay360do.blogspot.com
imasdk.googleapis.com
googleads.g.doubleclick.net
5 ade.googlesyndication.com tinhottrongngay360do.blogspot.com
5 image6.pubmatic.com 5 redirects
5 ad.a-ads.com tinhottrongngay360do.blogspot.com
5 apis.google.com tinhottrongngay360do.blogspot.com
apis.google.com
www.blogger.com
5 www.blogger.com tinhottrongngay360do.blogspot.com
apis.google.com
4 cdn.mgid.com
4 odr.mookie1.com googleads.g.doubleclick.net
4 adservice.google.com pagead2.googlesyndication.com
4 jsc.mgid.com tinhottrongngay360do.blogspot.com
jsc.mgid.com
4 ylx-1.com tinhottrongngay360do.blogspot.com
ylx-1.com
4 ff8c9329-a-62cb3a1a-s-sites.googlegroups.com 2 redirects tinhottrongngay360do.blogspot.com
3 cdn.cotavi.vn tinhottrongngay360do.blogspot.com
3 sync.search.spotxchange.com 2 redirects googleads.g.doubleclick.net
3 i.liadm.com 2 redirects
3 dmxleo.dailymotion.com static1.dmcdn.net
3 s2.dmcdn.net www.dailymotion.com
static1.dmcdn.net
3 s1.dmcdn.net www.dailymotion.com
3 speedtest.dailymotion.com static1.dmcdn.net
3 vendorlist.dmcdn.net static1.dmcdn.net
3 www.dailymotion.com ff8c9329-a-62cb3a1a-s-sites.googlegroups.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.googletagservices.com tinhottrongngay360do.blogspot.com
googleads.g.doubleclick.net
3 dsum-sec.casalemedia.com 1 redirects tinhottrongngay360do.blogspot.com
googleads.g.doubleclick.net
3 cc.adingo.jp googleads.g.doubleclick.net
3 pixel.rubiconproject.com 2 redirects
3 rtb.openx.net 3 redirects
3 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
3 ajax.googleapis.com tinhottrongngay360do.blogspot.com
feed.mikle.com
2 match.adsrvr.org 2 redirects
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 servicer.mgid.com jsc.mgid.com
2 id.rlcdn.com 2 redirects
2 pixel.everesttech.net 2 redirects
2 c.licasd.com
2 sync.teads.tv googleads.g.doubleclick.net
2 ylx-i.advertica-cdn2.com ylx-1.com
2 xe9o.xyz ylx-1.com
xe9o.xyz
2 static.a-ads.com ad.a-ads.com
2 www.facebook.com tinhottrongngay360do.blogspot.com
www.facebook.com
2 r5---sn-4g5e6ns7.c.2mdn.net tinhottrongngay360do.blogspot.com
2 e.dlx.addthis.com 2 redirects
2 r2---sn-4g5ednsz.c.2mdn.net googleads.g.doubleclick.net
tinhottrongngay360do.blogspot.com
2 gcdn.2mdn.net 2 redirects
2 d.agkn.com 1 redirects tinhottrongngay360do.blogspot.com
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 bid.g.doubleclick.net imasdk.googleapis.com
2 connect.facebook.net tinhottrongngay360do.blogspot.com
connect.facebook.net
2 sites.google.com 2 redirects
2 maxcdn.bootstrapcdn.com tinhottrongngay360do.blogspot.com
maxcdn.bootstrapcdn.com
1 sync.adtelligent.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 mwzeom.zeotap.com
1 sync.e-volution.ai 1 redirects
1 cm.lentainform.com
1 s.pubmine.com
1 cm.idealmedia.io
1 green.erne.co 1 redirects
1 s.adtelligent.com cm.mgid.com
1 secure-assets.rubiconproject.com 1 redirects
1 c.mgid.com jsc.mgid.com
1 googlecm.hit.gemius.pl 1 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 ads.yahoo.com googleads.g.doubleclick.net
1 i6.liadm.com
1 sync.mathtag.com 1 redirects
1 mb.taboola.com
1 s2.2mdn.net googleads.g.doubleclick.net
1 partners.tremorhub.com googleads.g.doubleclick.net
1 media.tctshop.com tinhottrongngay360do.blogspot.com
1 3.bp.blogspot.com tinhottrongngay360do.blogspot.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 sstatic1.histats.com tinhottrongngay360do.blogspot.com
1 2.bp.blogspot.com tinhottrongngay360do.blogspot.com
404 100
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.24h.com.vn
DigiCert SHA2 Secure Server CA		 2020-10-07 -
2021-11-07		 a year crt.sh
feed.mikle.com
AlphaSSL CA - SHA256 - G2		 2020-04-18 -
2022-04-19		 2 years crt.sh
*.googlegroups.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
histats.com
R3		 2021-08-02 -
2021-10-31		 3 months crt.sh
ylx-1.com
R3		 2021-09-01 -
2021-11-30		 3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2020-12-02 -
2022-01-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-01 -
2021-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-10-12 -
2021-12-21		 2 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
www.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2021-10-11 -
2022-01-09		 3 months crt.sh
*.dmcdn.net
ZeroSSL RSA Domain Secure Site CA		 2021-09-10 -
2021-12-09		 3 months crt.sh
*.dm-event.net
ZeroSSL RSA Domain Secure Site CA		 2021-10-15 -
2022-01-13		 3 months crt.sh
speedtest.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2021-08-26 -
2021-11-24		 3 months crt.sh
api.dmcdn.net
R3		 2021-09-17 -
2021-12-16		 3 months crt.sh
dmxleo.dailymotion.com
DigiCert SHA2 High Assurance Server CA		 2020-10-07 -
2021-11-08		 a year crt.sh
xe9o.xyz
R3		 2021-08-31 -
2021-11-29		 3 months crt.sh
ylx-i.advertica-cdn2.com
R3		 2021-10-08 -
2022-01-06		 3 months crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.liadm.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
li.lisecurelink.com
R3		 2021-09-14 -
2021-12-13		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
*.cotavi.vn
Sectigo RSA Domain Validation Secure Server CA		 2020-12-30 -
2021-12-30		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-04 -
2022-01-02		 3 months crt.sh
s.pubmine.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-15 -
2022-10-30		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh

This page contains 46 frames:

Primary Page: https://tinhottrongngay360do.blogspot.com/
Frame ID: 5A6FD5211B46ABA4441226641B97E164
Requests: 108 HTTP requests in this frame

Frame: https://ad.a-ads.com/377896?size=990x90
Frame ID: 96E5DD1A0E2F01946D8E95454062FA32
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=8628794061989775226&blogName=TIN+HOT+TRONG+NGA%CC%80Y&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://tinhottrongngay360do.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://tinhottrongngay360do.blogspot.com/&vt=2262821458976432913&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 2A1FCBA57CEE6CBA57A04EBCB04D2E59
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: 3459B32F1DB85E42F8BC6CFAE31FD460
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&adk=1812271804&adf=3025194257&lmt=1634978205&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979559309&bpp=3&bdt=457&idt=78&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1818879106324&frm=20&pv=2&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Frame ID: 74D8C9F555574DD9632A041F9D369FEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Frame ID: AE568C5A24D24819CC2E1418B91A7027
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Frame ID: BD714734818797860692E8D2A6810FE8
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E9BD74845B7FC639FE7134D7E52A59E2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 8A07059B1B7E57AADA27ABFD732168EE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A36ED764C43EC1B218BEE510B622E652
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C93E3CE54E7B822257B3DB8F03A87C4C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Frame ID: 60CBDFC09C7B93A3EA1C80684CF75398
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNWoBQgRGBjfWk2vMnA1PXx9MFkcPIF500lXiEkbUTlB_c-L_bVRmH1Jw_-5H2srYHmp6cP38Rep7SHCBw3DzYAh6Da0Dw
Frame ID: DAEC2CB398AEA03F4E198685C8944B0C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Frame ID: 5D23A1CCD36016970D0AE263AAC449E1
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9A6F8A21898BFCA1A380421E39F0264
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Frame ID: A9BA1C9DCA6D87A4576A7DCFA650D153
Requests: 15 HTTP requests in this frame

Frame: https://feed.mikle.com/widget/v2/3740/?id=fw-iframe943093140null
Frame ID: 9545FCC1D8B7D28CB710A1148C8B4209
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Ftintuc24hvietnam%2F&tabs&width=260&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1079009318866902
Frame ID: 351FAB87AD2C44F254C3360546F1A8B2
Requests: 2 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed/video/x5smq48
Frame ID: A74BDB8DEE8E7E62F28AB452F2C5F69C
Requests: 26 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed/video/x5tc271
Frame ID: B3DA5C3E61DAAE57B37A72995AD9820C
Requests: 27 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed/video/x5tc2ay
Frame ID: B334CDFE9CE02C17FBC65DC326325668
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Frame ID: 86E7EF24BEC83D9DDABA351F91330252
Requests: 13 HTTP requests in this frame

Frame: https://ad.a-ads.com/267590?size=200x200
Frame ID: 6D1872DC33D0769A341434BB97E0AC49
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/725691?size=160x600&background_color=ffc700
Frame ID: B063975B0B57FA0566990DDD5AE9747A
Requests: 3 HTTP requests in this frame

Frame: https://ylx-1.com/bnr_xload.php?section=General&pub=238923&format=300x250&ga=g&xt=163497955911832&xtt=5415839
Frame ID: 9AA70C649F188F6C9BEA678684FBA412
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1523556?size=240x400
Frame ID: 6E997ABB6855A9671B717FC5D0073D8B
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/725678?size=728x90
Frame ID: B0B989A8A4B3353ECB5E61A810B20317
Requests: 3 HTTP requests in this frame

Frame: https://ylx-1.com/show.php?u91941634979563=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDUyODUyMTJlYzEzNWEzMDVmYjU1NjJiYzc2NzE1MjY=&u=238923&si=762886271&di=34099351&ci=16&h=87bfecdb885575f24893740d4fe40123&cc=DE&https=1&useAf=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&ar=aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v
Frame ID: C992DEB69893EFB2AD4AEFEF0F5F909A
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: CA22326BD971D6F635257255D1ECAEF5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 3943FC84B26F9C30277A345F364D6051
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_L9gIQ-YC8-AEY9MmxtQEwAQ&v=APEucNUpMWdAkx86DG34MiF2T2qF4SYaq8-keAikYVvZmWDhTJuvc2ppC5NkFgnx4UaoxoPD46r8l4-YJ0xPFng78RjIPK_2IA
Frame ID: 09B7F5CEBAAA035AF8EA64DB27780A01
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8A5E6A39BD7BFCA69FD527E860320B51
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7fLKpAIYl4rjtgEwAQ&v=APEucNUhhhv5fhcGTVk1OetoBKqruXoYFwgubyhE19McCYldNcgM_uMg_P_DKnFBvrrDcxrfzGAOH21sZguXx-7-yND4RcGn2w
Frame ID: B763C3292D3D1847563E0C1386D8846D
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: 1B3E97B3148301484751573CB4F06AA0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: F0C2CEE99D341E0BA7AA3A0AAFFCEC08
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: F5EED3409456B58198C95728D7085DF1
Requests: 1 HTTP requests in this frame

Frame: https://xe9o.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XAdCGdZjjdZGrCikAAGjCxCZrdNrirNrrpNrkkCrCZZZCCrixCkiCrCrGCxCrpjrkAjdpCCrxi_81859&adApiR=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&refferer=3658164039_aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v&width=300&height=250&yxDom=eWx4LTEuY29t_d2e782c6bee242762e705a45bd0be41c&randomA=213336041452&realRef=bUZNbVNXdW9lWmh3dDcvUzBoMklpN1VuQTZQUUluRGZLYmtUZ2VUd3RWbz0=
Frame ID: 0CAF04E6A6C3CDA7F85478A5927B5A36
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 59A5F8310E261E11D62D696A10485FC7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 72CAE181A95453245F3678D1CCB6D5FB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 063D8A5F9CE81F41DF3DC402843AEE4D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BB4C62D44168302DDC0EBE9CF0FD7154
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5E2359683048513B00809292DFFA92CF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DDFD839DF18EDFC24DFAEF6600BAB381
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1634979566807743391091
Frame ID: D9E3F0CE9665022BAB42CB8023655028
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: E1194A6F6BBB840FF596CC37FA890FB8
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 92E6C0608A8F03804F50308998C0DA7E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TIN HOT TRONG NGÀY

Page URL History Show full URLs

  1. http://tinhottrongngay360do.blogspot.com/ HTTP 301
    https://tinhottrongngay360do.blogspot.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

404
Requests

100 %
HTTPS

0 %
IPv6

63
Domains

100
Subdomains

71
IPs

13
Countries

15820 kB
Transfer

26279 kB
Size

69
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tinhottrongngay360do.blogspot.com/ HTTP 301
    https://tinhottrongngay360do.blogspot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/videogiaitri4.js HTTP 302
  • https://sites.google.com/site/tcteducom/videogiaitri4.js?attredirects=0 HTTP 302
  • https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/videogiaitri4.js?attachauth=ANoY7co1oIdJDCPDeorliR6yJ8o9CNvsKjQWyIWV4U7FnDVHl_Axg-17aa2LRSWbUtOJ-HDTlyy_BSqovRHQojAoDq82zrJpDdmbdocUZhu_RMi0cryPucwHm8h1hAv7XHwB7tsQ8s0ydK3ijajcs5pxbGI8-uDTWVJL_et9vUBMAgv8ux5sOjjZ_l0Zl8hLogmWr2A45vuJdAOuvrDzHq87YxfXU3YZzQ%3D%3D&attredirects=0
Request Chain 29
  • https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/adwidgetdiendan250-1.js HTTP 302
  • https://sites.google.com/site/tcteducom/adwidgetdiendan250-1.js?attredirects=0 HTTP 302
  • https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/adwidgetdiendan250-1.js?attachauth=ANoY7cru3ZHVW4jZ8XnYrGkSbzhmN7z5QJl1OxjozKDskNYpy_Ms_aH4Lt4sw0d_gsUS8b9c2wnE1RcrKXAjyde79BSiNKvyq9GyNsEQYv5mnP0TVf4864hlreH6yFdQKqlyWZn8IQfRlGo6YGK22Ip9qtc_ZNmE3fxdCI0204z5dzLvUbgbJCfuQNCM08_gK2bocSGHcVVxcl8uUO6NCLD3zx6waHo5MA%3D%3D&attredirects=0
Request Chain 85
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEIPIeSDpabr_lj4oQoF-qyc&google_cver=1&google_push=AYg5qPJWpayTgT6pt0oRhp41mcTIw53ycLRwHSCRnWcbST-jeiUNXEp56YcHBogCuydk-4ljBzY9CzxfS4THczq5ugzMXBzree8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJWpayTgT6pt0oRhp41mcTIw53ycLRwHSCRnWcbST-jeiUNXEp56YcHBogCuydk-4ljBzY9CzxfS4THczq5ugzMXBzree8&google_hm=Q0FFU0VJUEllU0RwYWJyX2xqNG9Rb0YtcXlj
Request Chain 86
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGTD4PLQg1TlHZwL93U0q38&google_cver=1&google_push=AYg5qPIA0m8ScTxEMF8PnzlwTHiH2HVPhvBAxz_9dqqQRcCNDwA9Y7JbkGXcStw3gOJyfJNftKfQo9yUily-qUkXp_o8QLFG_w HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGTD4PLQg1TlHZwL93U0q38&google_cver=1&google_push=AYg5qPIA0m8ScTxEMF8PnzlwTHiH2HVPhvBAxz_9dqqQRcCNDwA9Y7JbkGXcStw3gOJyfJNftKfQo9yUily-qUkXp_o8QLFG_w&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIA0m8ScTxEMF8PnzlwTHiH2HVPhvBAxz_9dqqQRcCNDwA9Y7JbkGXcStw3gOJyfJNftKfQo9yUily-qUkXp_o8QLFG_w&google_hm=OumZKaRYz8ErZTVfavDBGw==
Request Chain 87
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGUcBJ2jfTkt9MFPQJBlB9Y&google_cver=1&google_push=AYg5qPKlBdxyYB7rT12ss_wSbBhFIN_4Ilt1yb4FcLFBRI_F3j-OdjjI2ph_qYXHYliVahaSCoDxqjjWUmF4dLPE0C_T0LqNSZ0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGUcBJ2jfTkt9MFPQJBlB9Y&google_cver=1&google_push=AYg5qPKlBdxyYB7rT12ss_wSbBhFIN_4Ilt1yb4FcLFBRI_F3j-OdjjI2ph_qYXHYliVahaSCoDxqjjWUmF4dLPE0C_T0LqNSZ0&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKlBdxyYB7rT12ss_wSbBhFIN_4Ilt1yb4FcLFBRI_F3j-OdjjI2ph_qYXHYliVahaSCoDxqjjWUmF4dLPE0C_T0LqNSZ0
Request Chain 88
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMl8mBj95OQ-8keiIa1gQHs&google_cver=1&google_push=AYg5qPLn_aje30qgkGzn40wml7t4S2HckBWits19z3Ik9FbfgKO3wQIrsxtlj-8Aoea22FMEnQY9Hp36s7LdiMS_-Io18fUU0_0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1YzS003TjctMjQtNU5GUg==&google_push=AYg5qPLn_aje30qgkGzn40wml7t4S2HckBWits19z3Ik9FbfgKO3wQIrsxtlj-8Aoea22FMEnQY9Hp36s7LdiMS_-Io18fUU0_0
Request Chain 89
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_cver=1&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1
Request Chain 94
  • https://gcdn.2mdn.net/videoplayback/id/18513d1180abbdec/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666515561/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A52D74CD3E4F77A010A459FC575DB78929EA9071.642684F329BA4E6142EE1C44652A17F779ACED1F/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5ednsz.c.2mdn.net/videoplayback/id/18513d1180abbdec/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666515561/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DD3F1ABD26B5943CCC0B81CF6849FECD4247F53.2F760B5C0DCF44A5D378DA55019B1DEC9EC64761/key/cms1/cms_redirect/yes/mh/hS/mip/216.131.114.199/mm/42/mn/sn-4g5ednsz/ms/onc/mt/1634979386/mv/m/mvi/2/pl/24/file/file.mp4
Request Chain 107
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENOJQjDLURFtsJrkgP6hjm8&google_cver=1&google_push=AYg5qPL5_sjYHG-ZkkPVFAX6HixQtxFdDCN6UerkKJ-hJBbbw1erX3hgzMqh6E_rDK4PCXLtCp_zymZw30mgRTPWFdw-3ePdnRk HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL5_sjYHG-ZkkPVFAX6HixQtxFdDCN6UerkKJ-hJBbbw1erX3hgzMqh6E_rDK4PCXLtCp_zymZw30mgRTPWFdw-3ePdnRk&google_hm=Cd1379gHzAeatOD5JZ8wAA
Request Chain 108
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJLtTF_xicYjESekBLKkJyBp83hgXBQDKycJBWp6vSgTnb_akxPyimAI5remd5xh6xDoFePGgV9QCnWkdoqeF9DnIJQlv0&google_gid=CAESEA0rg2lpUzqNHYzWKzkWzso&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJLtTF_xicYjESekBLKkJyBp83hgXBQDKycJBWp6vSgTnb_akxPyimAI5remd5xh6xDoFePGgV9QCnWkdoqeF9DnIJQlv0&google_gid=CAESEA0rg2lpUzqNHYzWKzkWzso&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjMwODU5MjEwMDA5MDk4NDYyMzMyMQ%3D%3D&google_push=AYg5qPJLtTF_xicYjESekBLKkJyBp83hgXBQDKycJBWp6vSgTnb_akxPyimAI5remd5xh6xDoFePGgV9QCnWkdoqeF9DnIJQlv0
Request Chain 111
  • https://rtb.openx.net/sync/dds?google_gid=CAESEHm18hxtYa2jIYC9vFg0j3Y&google_cver=1&google_push=AYg5qPKB28XQDyq7ZwLQ8BU0ES7clE1obpZuyFs2PxbjkwKlNK_aSVZxMnwz9OH9tB0BBgyB6V5ty1TFUvPpra-iuQ5YJzhgoA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKB28XQDyq7ZwLQ8BU0ES7clE1obpZuyFs2PxbjkwKlNK_aSVZxMnwz9OH9tB0BBgyB6V5ty1TFUvPpra-iuQ5YJzhgoA&google_hm=OumZKaRYz8ErZTVfavDBGw==
Request Chain 112
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECdP9UqZpITrB30JxXJZCQk&google_cver=1&google_push=AYg5qPKlI0Ow5r_7Ajl55dmRliPXwbzIVaAtSSs2FFtCt4j_6V8UWgAUmlu4KYIKZWnJKws494PsjbVdLrxFm4pz1kAPvR2nVQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKlI0Ow5r_7Ajl55dmRliPXwbzIVaAtSSs2FFtCt4j_6V8UWgAUmlu4KYIKZWnJKws494PsjbVdLrxFm4pz1kAPvR2nVQ
Request Chain 113
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOPkFScxLTHT5_56h-x-EBI&google_cver=1&google_push=AYg5qPLk0lOPyZmnzUT1d03dIcG_nE9F5TQC1Wiih-b15YOuuAieOAXz5bU9sWqZ56I0mBWZMTtL0od_TVIx7N-ur4INCO-udv4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1YzS003UVctMVYtRUhaSw==&google_push=AYg5qPLk0lOPyZmnzUT1d03dIcG_nE9F5TQC1Wiih-b15YOuuAieOAXz5bU9sWqZ56I0mBWZMTtL0od_TVIx7N-ur4INCO-udv4
Request Chain 117
  • https://gcdn.2mdn.net/videoplayback/id/41fb00a355d0fa4f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779113449/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/5A4FD9D0AAB39EE7301CDF10F60B93D0E4DCE4E5.81B6687CB70DA12AF963F9226A6C3BA70452893F/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-4g5e6ns7.c.2mdn.net/videoplayback/id/41fb00a355d0fa4f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779113449/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/651676B2A8AECC426E34B7972C9F9FA5EFBF2927.75E9319218CB6CF6581C9C875A85DBD097D1FE7C/key/cms1/cms_redirect/yes/mh/w1/mip/216.131.114.199/mm/42/mn/sn-4g5e6ns7/ms/onc/mt/1634979145/mv/m/mvi/5/pl/24/file/file.mp4
Request Chain 128
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhj87Yy4ASABMAE&v=APEucNUjgqaD7EzFt0XoqOv9_MZ9KnvADp5_KeUebBvHpiHducLU5AJvDGoYL98UNERXR5vsqWvjrK1Sa5GTeee1ZUOdHYXHbw HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPO6XFY1K0vqnImasyfKgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi4JCVZ8iUlNw-YGnrPty0&google_cver=1
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBGOuWoambfxF5KLGZAMJ6A&google_cver=1
Request Chain 149
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTQ1ODA2NzU2MzIyNTM3NA%3D%3D
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECyediNZp_td6C36Kh22Nxk&google_cver=1
Request Chain 151
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlkMGMwZGYtYzRhOS0yODRiLWQ4ZjEtMjM1MTczMGIzNWMx
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEK13YzRgGYcP-aA0V-bKe3Q&google_cver=1
Request Chain 286
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEBDErBZba2Ybq5DrVqIvEhU&google_cver=1
Request Chain 293
  • https://feedads.feedblitz.com/i/300x250/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51043 HTTP 301
  • https://spsec.feedblitz.com/imp?s=51043&t=newsletter&sz=300x250&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=51043&t=newsletter&sz=300x250&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fjp60kvtcpjb8bvt3ayrpjhk HTTP 302
  • https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=81e25985-0f29-3367-93ea-27cc5a453026&widget.placement=51043&widget.slot=1&widget.mode=mobile-marquee&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=216.131.114.199&widget.alternative=Phone
Request Chain 294
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51044 HTTP 301
  • https://spsec.feedblitz.com/imp?s=51044&t=newsletter&sz=1x1&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=51044&t=newsletter&sz=1x1&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fjp60kvs1789rhd3yt7g6yze HTTP 302
  • https://i.liadm.com/s/section/51044?m=8806bb04f086720ce5a60ebc3760dafc&sh1=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&sh2=&source=safe_rtb HTTP 303
  • https://i.liadm.com/s/section/51044?sh2=&source=safe_rtb&m=8806bb04f086720ce5a60ebc3760dafc&_li_chk=true&sh1=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&previous_uuid=925823fe49ff40e5a1a0eb64b1f405b2 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F1267%2F0%2F748eecd6d04c4e3685ed53fca32678d6%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&925823fe-49ff-40e5-a1a0-eb64b1f405b2&previous_uuid=748eecd6d04c4e3685ed53fca32678d6 HTTP 302
  • https://i.liadm.com/s/e/1267/0/748eecd6d04c4e3685ed53fca32678d6?mpid=7156&muid=36dd6173-ceee-4100-818e-e72d2ea43106
Request Chain 295
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51045 HTTP 301
  • https://spsec.feedblitz.com/imp?s=51045&t=newsletter&sz=1x1&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=51045&t=newsletter&sz=1x1&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fjp60kvt6f6asd6m4zzmqvz6 HTTP 302
  • https://i6.liadm.com/s/section/51045?m=8806bb04f086720ce5a60ebc3760dafc&sh1=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&sh2=&source=safe_rtb
Request Chain 296
  • https://feedads.feedblitz.com/i/116x15/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/44782 HTTP 301
  • https://spsec.feedblitz.com/imp?s=44782&t=newsletter&sz=116x15&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=44782&t=newsletter&sz=116x15&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fjp60kvv5y96pk1brxwdpn4n HTTP 302
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Request Chain 297
  • https://feedads.feedblitz.com/i/19x15/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/96007 HTTP 301
  • https://spsec.feedblitz.com/imp?s=96007&t=newsletter&sz=19x15&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=96007&t=newsletter&sz=19x15&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fjp60kvw2btj4t3p83hgcbwh HTTP 302
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/610d3e8fea8a3752ada74ad0668f5b97.png
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOD5_4OObP7-8XIoP0n5Uqo&google_cver=1
Request Chain 319
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=857b9444-33df-11ec-9cc4-1d21b9eb0206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODU3Yjk0MGEtMzNkZi0xMWVjLTljYzQtMWQyMWI5ZWIwMjA2
Request Chain 331
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKRBh5m_a0hpjWcSFgkUuCf3Nj_G6wRR8rYN2KUwonHeyjejXydbQzjR0wiZ63rJ_0QvSsJrZva6xuBUyIwdNDWZDXA5sc&google_gid=CAESEGAemR9s8pV6t6koV4qBtpc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhQTzdRQUFBUWZHTUVJbQ&google_push=AYg5qPKRBh5m_a0hpjWcSFgkUuCf3Nj_G6wRR8rYN2KUwonHeyjejXydbQzjR0wiZ63rJ_0QvSsJrZva6xuBUyIwdNDWZDXA5sc
Request Chain 332
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJTVSc5gjRtzzru4pKgU77oRDMt0qXFIC_C3BAcAgiY3IYTxxD2NR-DwiVdbSeyK4aWp2TqD7AlYSaiNvDSFLMuTl7gMdkD&google_gid=CAESEJ0MDio2YWcf6rh6nEZSb7I&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO2dz4sGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKVFZTYzVnalJ0enpydTRwS2dVNzdvUkRNdDBxWEZJQ19DM0JBY0FnaVkzSVlUeHhEMk5SLUR3aVZkYlNleUs0YVdwMlRxRDdBbFlTYWlOdkRTRkxNdVRsN2dNZGtE HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNHFtZkNfNEVGSm5uLU5SZWtXTDdfUXNXaG10ZmhHQlhsbXZ2RHl2X1BXcw==&google_push
Request Chain 334
  • https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEHm18hxtYa2jIYC9vFg0j3Y&google_cver=1&google_push=AYg5qPJ1H-mPcWax4ZUyWVl7arE_xvXsoWlgHzL6Q5YuWsd5uy1-xCyY_EzX_8aSlqAqWAXdrEwWC4XQsXOymEIXiL0alExp3B1q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECyediNZp_td6C36Kh22Nxk&google_cver=1
Request Chain 335
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECdP9UqZpITrB30JxXJZCQk&google_cver=1&google_push=AYg5qPJ5KqwEXEGvmK4ARf3aRhTot_CBel3IUmdxv-vbj9U9y5DXJpx8gNnORJSQcjlCUbxz92Xpf4GphsE7SpeUby-ALMQN_xf5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ5KqwEXEGvmK4ARf3aRhTot_CBel3IUmdxv-vbj9U9y5DXJpx8gNnORJSQcjlCUbxz92Xpf4GphsE7SpeUby-ALMQN_xf5
Request Chain 339
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLnU1-8z-aoNQykPWXWJ_SzBanbLmNmLt8X3Z5djmaqlUIJU9bREdIXezzmsYxz1pa8KstxPY6UG_yhoLryesoF0NyjA2I&google_gid=CAESEGAemR9s8pV6t6koV4qBtpc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhQTzdRQUFBQkVNb0RPLQ&google_push=AYg5qPLnU1-8z-aoNQykPWXWJ_SzBanbLmNmLt8X3Z5djmaqlUIJU9bREdIXezzmsYxz1pa8KstxPY6UG_yhoLryesoF0NyjA2I
Request Chain 341
  • https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEHm18hxtYa2jIYC9vFg0j3Y&google_cver=1&google_push=AYg5qPLc1QHDCpyuoBZrpJoz7wbJesJfDMMo0hwWLK1IsYy433b9zfdF3ecrlUykE6aoiDdEbvNbZM0-Ey02jwENLsl33ZB2m48 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlkMGMwZGYtYzRhOS0yODRiLWQ4ZjEtMjM1MTczMGIzNWMx
Request Chain 342
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECdP9UqZpITrB30JxXJZCQk&google_cver=1&google_push=AYg5qPKL5Pj9-MLa6Hh5nhIGX0BuPuYghBtWoD_PWAfulfIe7sLsTIiO__I4tB6OsYZ-ITmENfCRtK1jfKiy7XGzdXTfjonsvbQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKL5Pj9-MLa6Hh5nhIGX0BuPuYghBtWoD_PWAfulfIe7sLsTIiO__I4tB6OsYZ-ITmENfCRtK1jfKiy7XGzdXTfjonsvbQ
Request Chain 345
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPao5Iy9nBqBkJnI-OiVvOs&google_cver=1&google_push=AYg5qPJ3O_Gwj0qqB2KwFNFrlVWfKID5XT8lQt-7laNR4szoBukF1zLX97j-s2Z5HwyW4Rh4FNHnuwWtY-PFRzNGW6M5de1ah9w HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3O_Gwj0qqB2KwFNFrlVWfKID5XT8lQt-7laNR4szoBukF1zLX97j-s2Z5HwyW4Rh4FNHnuwWtY-PFRzNGW6M5de1ah9w&google_hm=
Request Chain 378
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 380
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=6ae8e45d-7053-4432-bbda-f55baebabb8e
Request Chain 381
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=MH4b793EYhuEzq4rF2CsXsa7&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=d736cbd9-16ce-4bf4-b0d7-265173ee897c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 383
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l9nqFHyZF6X1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l9nqFHyZF6X1 HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=d736cbd9-16ce-4bf4-b0d7-265173ee897c&ssp_data=&gdpr=&gdpr_consent=
Request Chain 385
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlucUZIeVpGNlgx&muidn=l9nqFHyZF6X1 HTTP 302
  • https://cm.mgid.com/google?muidn=l9nqFHyZF6X1&google_ula={guid},5&google_gid=CAESEPgKJOUXUCxx0gNUKPqs55o&google_cver=1
Request Chain 386
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l9nqFHyZF6X1 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Request Chain 387
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=e69c81ff-b131-47b5-8d9d-ea753d81e8c5
Request Chain 388
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=7QXNiJWKiHta4A6K2ERO&pi=mgid&tc=1
Request Chain 389
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=6f6ad411-ce1d-4148-928f-e113e846e58c&ttl=1637571567
Request Chain 394
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634979567056&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634979567056&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9=
Request Chain 395
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634979567058&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634979567058&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9=
Request Chain 406
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=617666&c=0f3c0c9ec823cde7

404 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tinhottrongngay360do.blogspot.com/
Redirect Chain
  • http://tinhottrongngay360do.blogspot.com/
  • https://tinhottrongngay360do.blogspot.com/
178 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
GSE /
Resource Hash
20156f6c56dc47dc6fc709cb375305201906b57f9da4fa08cf90d6bc7add01e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tinhottrongngay360do.blogspot.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
expires
Sat, 23 Oct 2021 08:59:18 GMT
date
Sat, 23 Oct 2021 08:59:18 GMT
cache-control
private, max-age=0
last-modified
Sat, 23 Oct 2021 08:36:45 GMT
etag
W/"3ab87f5c7d94594ed7ae379d5311119393e98c91ff932a548ae54a8602689a36"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
40606
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

Location
https://tinhottrongngay360do.blogspot.com/
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Date
Sat, 23 Oct 2021 08:59:18 GMT
Expires
Sat, 23 Oct 2021 08:59:18 GMT
Cache-Control
private, max-age=0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self'
X-XSS-Protection
1; mode=block
Content-Length
187
Server
GSE
1667664774-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f9.1e100.net
Software
sffe /
Resource Hash
0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 21:03:35 GMT
x-content-type-options
nosniff
age
302144
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
36164
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 01:53:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 19 Oct 2022 21:03:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
38603c9fe9f125ae14f5d0552ddc60cce3ed905b1bd4a89f727966b1d50513dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51008
x-xss-protection
0
server
cafe
etag
4942890180852871902
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 08:59:19 GMT
css
fonts.googleapis.com/ 		700 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
f4513657e2548edc52a5143900dd01969a0bf43b46c204802da310c94a1ffb17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 08:35:07 GMT
server
ESF
date
Sat, 23 Oct 2021 08:59:19 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 08:59:19 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 		26 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
15823612
cdn-cachedat
2021-04-23 05:20:52
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
876047ba9b2ac1efe368c5a69850dae2
cf-ray
6a29c4c4886d413e-PRG
cdn-requestcountrycode
CZ
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		6 KB
673 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,500,600
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
207ccc3e6060ecbc5e071bb280cac8a8582a24e16e9ddfa03bfc749c68df968c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 08:57:58 GMT
server
ESF
date
Sat, 23 Oct 2021 08:59:19 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 08:59:19 GMT
css
fonts.googleapis.com/ 		26 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
b6f1b4ee4ab7166896918e1fbf1c69d351a5d374505dc7dfb9ffcc8610a236cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 08:07:27 GMT
server
ESF
date
Sat, 23 Oct 2021 08:59:19 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 08:59:19 GMT
css
fonts.googleapis.com/ 		4 KB
543 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Signika:400,300,600,700
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
cdf5542fdeca557662878a46ae932e7d9a58042e8a61c3c12e21fe13d6753618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 08:59:19 GMT
server
ESF
date
Sat, 23 Oct 2021 08:59:19 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 08:59:19 GMT
css
fonts.googleapis.com/ 		369 B
368 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Vidaloka
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
5d1c0688903384d5a4ac57a129b767fbd20ce4fc2019ccf7521dd7ab67b348ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 07:12:35 GMT
server
ESF
date
Sat, 23 Oct 2021 08:59:19 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 08:59:19 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 19:26:43 GMT
x-content-type-options
nosniff
age
48756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
95786
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 22 Oct 2022 19:26:43 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:05:00 GMT
x-content-type-options
nosniff
age
158059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
93868
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 21 Oct 2022 13:05:00 GMT
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
ESF /
Resource Hash
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gfpwYWTO0w8FtP81kwjtbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"4e89e82f0eeb0512bfb2d7642aaf4840"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-gfpwYWTO0w8FtP81kwjtbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Sat, 23 Oct 2021 08:59:19 GMT
search.png
2.bp.blogspot.com/-A8ngISud4IA/VmiVXmj_e8I/AAAAAAAAHXA/Y19kUQYNm2Y/s1600/ 		441 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-A8ngISud4IA/VmiVXmj_e8I/AAAAAAAAHXA/Y19kUQYNm2Y/s1600/search.png
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
dbc1d1a96adc2a2e301132f24afa7db91d0994bedee2aa6f6f342f99d3acdf91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:34:02 GMT
x-content-type-options
nosniff
age
1517
content-disposition
inline;filename="search.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
441
x-xss-protection
0
server
fife
etag
"v1d71"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 23 Oct 2021 10:38:39 GMT
1634950229-luuthong-3-5839-width645height439.jpg
image-us.24h.com.vn/upload/4-2021/images/2021-10-23/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-23/1634950229-luuthong-3-5839-width645height439.jpg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
6edd3fd929a57439ee6eb67a94728614d0961a37a8a3b75272baf354892a08de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:19 GMT
Last-Modified
Sat, 23 Oct 2021 00:53:01 GMT
Server
24h.com.vn
ETag
"61735ced-187b0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100272
Expires
Mon, 22 Nov 2021 08:59:19 GMT
1634949443-90014e176c2bf002d384d1c964565b0e-width800height533.jpg
image-us.24h.com.vn/upload/4-2021/images/2021-10-23// 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-23//1634949443-90014e176c2bf002d384d1c964565b0e-width800height533.jpg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
0449cc3c6561781b506e45d81c8b7aad36b1ab5dd2266e4d5883448144c27367

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:19 GMT
Last-Modified
Sat, 23 Oct 2021 00:40:01 GMT
Server
24h.com.vn
ETag
"617359e1-8c4a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35914
Expires
Mon, 22 Nov 2021 08:59:19 GMT
1634947852-05bc06e42dfd326895a2b55eb9c79e4b-width800height533.jpg
image-us.24h.com.vn/upload/4-2021/images/2021-10-23// 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-23//1634947852-05bc06e42dfd326895a2b55eb9c79e4b-width800height533.jpg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
ee2c18bf02a291b52d82f31e7513932d78787d19d59b21de279075f0145d86ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:19 GMT
Last-Modified
Sat, 23 Oct 2021 00:15:01 GMT
Server
24h.com.vn
ETag
"61735405-2202c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
139308
Expires
Mon, 22 Nov 2021 08:59:19 GMT
1634947628-img-bgt-2021-246461820-399675125152755-4374317817989641457-n-2-1634813778-width1280height720-width700height393.jpg
image-us.24h.com.vn/upload/4-2021/images/2021-10-23// 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-23//1634947628-img-bgt-2021-246461820-399675125152755-4374317817989641457-n-2-1634813778-width1280height720-width700height393.jpg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
072a72d18f61c75df49019e216abc255d50ea01b8a7a415c59e5af7c18ce73a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:19 GMT
Last-Modified
Sat, 23 Oct 2021 00:09:01 GMT
Server
24h.com.vn
ETag
"6173529d-169dd"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92637
Expires
Mon, 22 Nov 2021 08:59:19 GMT
VIDEO-om-cua-nhu-tay-dua-gay-hoa-cho-nu-tai-xe-xe-LEAD-lai-xe-may-bi-xu-ly-the-nao-ninja-1634896906-543-width660height370.jpg
image-us.24h.com.vn/upload/4-2021/images/2021-10-22/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-22/VIDEO-om-cua-nhu-tay-dua-gay-hoa-cho-nu-tai-xe-xe-LEAD-lai-xe-may-bi-xu-ly-the-nao-ninja-1634896906-543-width660height370.jpg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
5ad3f4bda669c7854f49aea856dd0e8568e0ac074695f6a4f1f60c0a86022e42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:19 GMT
Last-Modified
Fri, 22 Oct 2021 17:31:01 GMT
Server
24h.com.vn
ETag
"6172f555-67fc"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26620
Expires
Mon, 22 Nov 2021 08:59:19 GMT
Song-trong-so-hai-o-khu-tap-the-cho-sap-giua-long-Ha-Noi-nha-1-1624521612-408-width1004height565.jpg
image-us.24h.com.vn/upload/2-2021/images/2021-06-24/ 		310 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/2-2021/images/2021-06-24/Song-trong-so-hai-o-khu-tap-the-cho-sap-giua-long-Ha-Noi-nha-1-1624521612-408-width1004height565.jpg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
29c582f66cbb5f975410473161ed3fe3b874cf968e816d93bc8066ad0037e712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:19 GMT
Last-Modified
Fri, 22 Oct 2021 17:29:02 GMT
Server
24h.com.vn
ETag
"6172f4de-4d70a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
317194
Expires
Mon, 22 Nov 2021 08:59:19 GMT
Phu-Tho-cach-ly-dieu-tri-F0-tai-nha-ava-1634917847-5-width660height494.jpg
image-us.24h.com.vn/upload/4-2021/images/2021-10-22/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-22/Phu-Tho-cach-ly-dieu-tri-F0-tai-nha-ava-1634917847-5-width660height494.jpg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
d85f8442324ba9b95823d51201409158e184a5c11abadda2ddf6ec2c007fcc5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:20 GMT
Last-Modified
Fri, 22 Oct 2021 15:53:01 GMT
Server
24h.com.vn
ETag
"6172de5d-25b8e"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
154510
Expires
Mon, 22 Nov 2021 08:59:20 GMT
Bien-dong-kha-nang-xuat-hien-bao-mien-Trung-nguy-co-lu-chong-lu-ngap-lut-1634913801-679-width660height440.jpg
image-us.24h.com.vn/upload/4-2021/images/2021-10-22/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-22/Bien-dong-kha-nang-xuat-hien-bao-mien-Trung-nguy-co-lu-chong-lu-ngap-lut-1634913801-679-width660height440.jpg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
8d1c5b5eb2f64b5fbeb21647bff6096805ce154b6a470d86815fbefa7b9fd707

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:20 GMT
Last-Modified
Fri, 22 Oct 2021 14:46:01 GMT
Server
24h.com.vn
ETag
"6172cea9-1364a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79434
Expires
Mon, 22 Nov 2021 08:59:20 GMT
Ha-Noi-khan-tim-nguoi-den-cac-dia-diem-lien-quan-den-2-ca-duong-tinh-SARS-CoV-2-cong-dong-anh-1-1634913390-348-width2048height1152.jpeg
image-us.24h.com.vn/upload/4-2021/images/2021-10-22/ 		263 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-22/Ha-Noi-khan-tim-nguoi-den-cac-dia-diem-lien-quan-den-2-ca-duong-tinh-SARS-CoV-2-cong-dong-anh-1-1634913390-348-width2048height1152.jpeg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
1d0ef9d3132621a9e8ffc54ad90c783fbe4a1080421555186e2b9b35047d0455

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:20 GMT
Last-Modified
Fri, 22 Oct 2021 14:39:01 GMT
Server
24h.com.vn
ETag
"6172cd05-41c23"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
269347
Expires
Mon, 22 Nov 2021 08:59:20 GMT
1634911716-22570c2b4d69d52d5c8b56924f015c25-width684height455.jpeg
image-us.24h.com.vn/upload/4-2021/images/2021-10-22// 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-22//1634911716-22570c2b4d69d52d5c8b56924f015c25-width684height455.jpeg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
423255dd98112c4038b1456993c79186ae5591d3d1e814a194129b039e7b1514

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:20 GMT
Last-Modified
Fri, 22 Oct 2021 14:11:01 GMT
Server
24h.com.vn
ETag
"6172c675-118ec"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
71916
Expires
Mon, 22 Nov 2021 08:59:20 GMT
1634910996-e7e667e43407f6f0135b08e91fa88ee9-width800height588.jpg
image-us.24h.com.vn/upload/4-2021/images/2021-10-22// 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-22//1634910996-e7e667e43407f6f0135b08e91fa88ee9-width800height588.jpg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
77b4d43995948900e7483a31d1257d9f62ceaa9777334c6163242ba9b33ac51e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:20 GMT
Last-Modified
Fri, 22 Oct 2021 13:59:01 GMT
Server
24h.com.vn
ETag
"6172c3a5-d747"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55111
Expires
Mon, 22 Nov 2021 08:59:20 GMT
thang-may-1634896306-123-width660height371.jpeg
image-us.24h.com.vn/upload/4-2021/images/2021-10-22/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-22/thang-may-1634896306-123-width660height371.jpeg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
86f8cf7f2cf47ec2ea1fafc5f1f358b259011b677c882c97fe70fca068555e8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:20 GMT
Last-Modified
Fri, 22 Oct 2021 13:26:02 GMT
Server
24h.com.vn
ETag
"6172bbea-8f66"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36710
Expires
Mon, 22 Nov 2021 08:59:20 GMT
Nguoi-Sai-Gon-nga-nhao-tren-duong-ngap-ngay-trieu-cuong-dang-cao-anh-1-1634907846-611-width1200height800.jpg
image-us.24h.com.vn/upload/4-2021/images/2021-10-22/ 		555 KB
555 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-us.24h.com.vn/upload/4-2021/images/2021-10-22/Nguoi-Sai-Gon-nga-nhao-tren-duong-ngap-ngay-trieu-cuong-dang-cao-anh-1-1634907846-611-width1200height800.jpg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-232-226.static.webnx.com
Software
24h.com.vn /
Resource Hash
6dc7d4e4269ae5917abb11d1f4aef191440786cfbbd6bc7fdd9bf31f907b6bbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:20 GMT
Last-Modified
Fri, 22 Oct 2021 13:07:01 GMT
Server
24h.com.vn
ETag
"6172b775-8aaa9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
567977
Expires
Mon, 22 Nov 2021 08:59:20 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		112 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
4514e2c3a8030befb0505de0aa633e5e92d84b2521939103af36426aadfe1645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40408
x-xss-protection
0
server
cafe
etag
3572532338339155425
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 08:59:19 GMT
fw-loader.js
feed.mikle.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/js/fw-loader.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.100.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-100-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
41c60ffc418d96aa6761f9de49de0c922137fef9b4cd386770f59165d0d2a236

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
cache-control
no-cache
last-modified
Thu, 07 Oct 2021 14:24:22 GMT
server
nginx
content-encoding
gzip
etag
W/"615f0316-dfc"
content-type
application/javascript; charset=UTF-8
videogiaitri4.js
ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/
Redirect Chain
  • https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/videogiaitri4.js
  • https://sites.google.com/site/tcteducom/videogiaitri4.js?attredirects=0
  • https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/videogiaitri4.js?attachauth=ANoY7co1oIdJDCPDeorliR6yJ8o9CNvsKjQWyIWV4U7FnDVHl_Axg-17aa2LRSWbUtOJ-HDTlyy_BSqovRHQojAoDq82zrJpDdmbd...
498 B
203 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/videogiaitri4.js?attachauth=ANoY7co1oIdJDCPDeorliR6yJ8o9CNvsKjQWyIWV4U7FnDVHl_Axg-17aa2LRSWbUtOJ-HDTlyy_BSqovRHQojAoDq82zrJpDdmbdocUZhu_RMi0cryPucwHm8h1hAv7XHwB7tsQ8s0ydK3ijajcs5pxbGI8-uDTWVJL_et9vUBMAgv8ux5sOjjZ_l0Zl8hLogmWr2A45vuJdAOuvrDzHq87YxfXU3YZzQ%3D%3D&attredirects=0
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.79.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
eg-in-f137.1e100.net
Software
GSE /
Resource Hash
ee958494f44b533b30218f6b0285230b5cea6114be189dd316e7661400c9105b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename="videogiaitri4.js"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
179
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 13 Aug 2017 11:29:03 GMT
server
GSE
etag
"1502623743874"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
frame-ancestors 'self'
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/videogiaitri4.js?attachauth=ANoY7co1oIdJDCPDeorliR6yJ8o9CNvsKjQWyIWV4U7FnDVHl_Axg-17aa2LRSWbUtOJ-HDTlyy_BSqovRHQojAoDq82zrJpDdmbdocUZhu_RMi0cryPucwHm8h1hAv7XHwB7tsQ8s0ydK3ijajcs5pxbGI8-uDTWVJL_et9vUBMAgv8ux5sOjjZ_l0Zl8hLogmWr2A45vuJdAOuvrDzHq87YxfXU3YZzQ%3D%3D&attredirects=0
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
437
x-xss-protection
1; mode=block
expires
Sat, 23 Oct 2021 08:59:19 GMT
0.gif
sstatic1.histats.com/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sstatic1.histats.com/0.gif?2395014&101
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:19 GMT
Connection
close
Content-Length
43
Content-Type
image/gif
adwidgetdiendan250-1.js
ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/
Redirect Chain
  • https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/adwidgetdiendan250-1.js
  • https://sites.google.com/site/tcteducom/adwidgetdiendan250-1.js?attredirects=0
  • https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/adwidgetdiendan250-1.js?attachauth=ANoY7cru3ZHVW4jZ8XnYrGkSbzhmN7z5QJl1OxjozKDskNYpy_Ms_aH4Lt4sw0d_gsUS8b9c2wnE1RcrKXAjyde79BSiNK...
161 B
177 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/adwidgetdiendan250-1.js?attachauth=ANoY7cru3ZHVW4jZ8XnYrGkSbzhmN7z5QJl1OxjozKDskNYpy_Ms_aH4Lt4sw0d_gsUS8b9c2wnE1RcrKXAjyde79BSiNKvyq9GyNsEQYv5mnP0TVf4864hlreH6yFdQKqlyWZn8IQfRlGo6YGK22Ip9qtc_ZNmE3fxdCI0204z5dzLvUbgbJCfuQNCM08_gK2bocSGHcVVxcl8uUO6NCLD3zx6waHo5MA%3D%3D&attredirects=0
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.79.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
eg-in-f137.1e100.net
Software
GSE /
Resource Hash
7d221ddcad8292a0020e47f3aa8aab90573e52eb5199fb81b01a1fa6a66e2e2f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename="adwidgetdiendan250-1.js"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
153
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 13 Aug 2017 11:25:57 GMT
server
GSE
etag
"1502623557217"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
frame-ancestors 'self'
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/adwidgetdiendan250-1.js?attachauth=ANoY7cru3ZHVW4jZ8XnYrGkSbzhmN7z5QJl1OxjozKDskNYpy_Ms_aH4Lt4sw0d_gsUS8b9c2wnE1RcrKXAjyde79BSiNKvyq9GyNsEQYv5mnP0TVf4864hlreH6yFdQKqlyWZn8IQfRlGo6YGK22Ip9qtc_ZNmE3fxdCI0204z5dzLvUbgbJCfuQNCM08_gK2bocSGHcVVxcl8uUO6NCLD3zx6waHo5MA%3D%3D&attredirects=0
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
444
x-xss-protection
1; mode=block
expires
Sat, 23 Oct 2021 08:59:19 GMT
bnr.php
ylx-1.com/ 		373 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ylx-1.com/bnr.php?section=General&pub=238923&format=300x250&ga=g
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.221.skhosting.eu
Software
nginx /
Resource Hash
7b95de39f1b5a577639f93497c3a4b8e5e81e17e8d7bd723eb887a7ce822d658

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:19 GMT
last-modified
Sat, 23 Oct 2021 08:59:19 GMT
server
nginx
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Sat, 23 Oct 2021 08:59:19 GMT
tinhottrongngay360do.blogspot.com.824436.js
jsc.mgid.com/t/i/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.824436.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50164d7dc4649ee04a7ecfece3aab53ea627bb221b0c7658f495758d8a2ae166

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1SWZ5Y70VV562AJM
last-modified
Wed, 08 Sep 2021 12:47:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
dpPAFfKr200kIy2nzwa445ft6XIzdCADlLzil6ilIwcaBHD8fS8V/r7J+BH5CdoeSrjPqoJS3Jc=
cf-bgj
minify
server
cloudflare
etag
W/"d2423e557b784a13953dff320b08eff2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6a29c4c74ad24114-PRG
expires
Sat, 23 Oct 2021 11:59:19 GMT
tinhottrongngay360do.blogspot.com.866434.js
jsc.mgid.com/t/i/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af8683bdef35810e669817d34a10649f97abae62182d0b39124268b559e95bd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1SWKVGFVT3M33PMQ
last-modified
Wed, 08 Sep 2021 12:47:40 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
h1D+1w2f0pJm31zpuiuQhFzhPZIuL2nYMIbesp8uBJKvkMcvlPigK56egTwcaiC4V/o5dixvh+Y=
cf-bgj
minify
server
cloudflare
etag
W/"59e10029066c7ae31978b17f768af7a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6a29c4c7ae684120-PRG
expires
Sat, 23 Oct 2021 11:59:19 GMT
2918676466-widgets.js
www.blogger.com/static/v1/widgets/ 		154 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2918676466-widgets.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f9.1e100.net
Software
sffe /
Resource Hash
987a7916473accd47ffd7a227517e7764b547ad2d84fa85bc25f60413acb0790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:19:25 GMT
x-content-type-options
nosniff
age
369594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
158111
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 21:53:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 19 Oct 2022 02:19:25 GMT
377896
ad.a-ads.com/ Frame 96E5 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/377896?size=990x90
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.35.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.35.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
c04a996ac11fe8f8bd3b1fd1c086eb228f5b55cfecb61d5dd94074638ed40029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tinhottrongngay360do.blogspot.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Sat, 23 Oct 2021 08:59:19 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tinhottrongngay360do.blogspot.com/
Content-Encoding
gzip
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8628794061989775226&zx=a5d367c4-d81b-4d56-b12c-4496e7e6bf90
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f9.1e100.net
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Oct 2021 08:59:19 GMT
server
GSE
date
Sat, 23 Oct 2021 08:59:19 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
18c47eb5df968cee58eb6bfe315715410b07cb631a89c5ddc2604ac58725e30e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
zw3IXzeSVH1rIn3WOBDeSA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
KfTul58zaUypOu77tCTn/SpEPEfbSIbZmhufDtwtnMJJJvqb7/nqaZZfChemaFu6FcipwwW+ygSGHKYsGJHpIQ==
x-fb-trip-id
686109401
x-fb-content-md5
7b30da484921767812070a1db88aa001
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 23 Oct 2021 08:59:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1dfe4ae13dec7d0a58bbdcfac1a81ef8"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Oct 2021 09:16:42 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
sffe /
Resource Hash
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51558
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Fri, 21 Oct 2022 09:03:17 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
sffe /
Resource Hash
a844cab38a5712112736841a511fdaeac69a4bfddbec8224679ec3af51351aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 15:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16795
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Fri, 21 Oct 2022 15:41:20 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 03:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19620
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
67
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 03:32:19 GMT
default
tinhottrongngay360do.blogspot.com/feeds/posts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tinhottrongngay360do.blogspot.com/feeds/posts/default?max-results=1&orderby=published&alt=json-in-script&callback=recentposts11
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
blogger-renderd /
Resource Hash
d9dbe776d4dfcad6d03a0f04f6d01ff3e252f55eed9fdb6131e88c3f24d4e071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:path
/feeds/posts/default?max-results=1&orderby=published&alt=json-in-script&callback=recentposts11
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tinhottrongngay360do.blogspot.com
referer
https://tinhottrongngay360do.blogspot.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Oct 2021 08:36:45 GMT
server
blogger-renderd
etag
W/"f48b0b3168463481d8d5b10ef3e3ae753aa107544fc0384d05faf33b80a07bf4"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2871
x-xss-protection
0
expires
Sat, 23 Oct 2021 08:59:20 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 17:04:31 GMT
x-content-type-options
nosniff
age
143688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 17:04:31 GMT
Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v8/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v8/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
fe5f2a40422e9a55187b3204161cbce1ba1d03a2eb4fa971bd10451562fed99a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:23:23 GMT
x-content-type-options
nosniff
age
196556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16540
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 02:23:23 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8628794061989775226&zx=a5d367c4-d81b-4d56-b12c-4496e7e6bf90
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f9.1e100.net
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Oct 2021 08:59:19 GMT
server
GSE
date
Sat, 23 Oct 2021 08:59:19 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
navbar.g
www.blogger.com/ Frame 2A1F 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=8628794061989775226&blogName=TIN+HOT+TRONG+NGA%CC%80Y&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://tinhottrongngay360do.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://tinhottrongngay360do.blogspot.com/&vt=2262821458976432913&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f9.1e100.net
Software
GSE /
Resource Hash
db5e28baf438ce3cc47701d6e06de50f038375ce72108b60240d5fde0d3489d3
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/navbar.g?targetBlogID=8628794061989775226&blogName=TIN+HOT+TRONG+NGA%CC%80Y&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://tinhottrongngay360do.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://tinhottrongngay360do.blogspot.com/&vt=2262821458976432913&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
2626
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/ 		271 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
b3099a97a0b5afb6b70810bb2fc1486758d2ab006055d11f197356482bdd0e89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99030
x-xss-protection
0
server
cafe
etag
12563767464436874777
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 08:59:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 3459 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211020/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 23 Oct 2021 04:50:41 GMT
expires
Sat, 06 Nov 2021 04:50:41 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
14918
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame 96E5 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ 		202 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=tinhottrongngay360do.blogspot.com&callback=_gfp_s_&client=ca-pub-9019514334839995
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e580a43541eff58379fbbfab8eadc2b181208980db84b45185350f115c6c0658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
193
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tinhottrongngay360do.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 74D8 		90 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&adk=1812271804&adf=3025194257&lmt=1634978205&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979559309&bpp=3&bdt=457&idt=78&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1818879106324&frm=20&pv=2&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
46cea1e05ac53c31205c3c0ce13c42d2ca7a6e3bffa679f36d17f33d2d137898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9019514334839995&output=html&adk=1812271804&adf=3025194257&lmt=1634978205&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979559309&bpp=3&bdt=457&idt=78&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1818879106324&frm=20&pv=2&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 23 Oct 2021 08:59:19 GMT
server
cafe
content-length
32496
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 09:14:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sat, 23 Oct 2021 08:59:19 GMT
cache-control
private
all.js
connect.facebook.net/en_US/ 		271 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=0aa5c99ac848bb6ba0ad0b11d16373e4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
8ab811f027bebc7f167410cc8efb788e4c0e7b24b49370d76ba7f135fc2286b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
4J87hIbSvafiLyXCDIVuSw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
78033
x-fb-rlafr
0
x-fb-debug
sFaAozEemE/6N0HD2X5j8GUV6Ddy+yaZgkqr5XYJ+z2mLmoeFOmUQDf0Fr5rSzvtUpf2Lij9xKIOjRWmhUKxVw==
x-fb-content-md5
6ad1eb575006ca2739200bf62ba3428b
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 23 Oct 2021 08:59:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"51ad6b52a742670fd39a087b7271fcae"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 23 Oct 2022 08:28:17 GMT
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 2A1F 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=8628794061989775226&blogName=TIN+HOT+TRONG+NGA%CC%80Y&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://tinhottrongngay360do.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://tinhottrongngay360do.blogspot.com/&vt=2262821458976432913&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
ESF /
Resource Hash
d30ed422a23856fcfc437670d25406ec0c659882201802d47dc42a36d9f72cef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h4PtKXURfUJj1Jnk8jMU0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"68126067195755b2d8760daf92bdf51c"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-h4PtKXURfUJj1Jnk8jMU0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Sat, 23 Oct 2021 08:59:19 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8ae98072d667b481678ed09f28c9c838d449c8b4e7fdeed6375cb64c903b9f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
52643
x-xss-protection
0
server
cafe
etag
4731667536215315327
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 08:59:22 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 2A1F 		125 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
sffe /
Resource Hash
e05e0cd6e07cc40ce5a92fca6cb78c2b64706a3a33f912cb26d64f8046166681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 00:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41810
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Sat, 22 Oct 2022 00:16:57 GMT
featured
tinhottrongngay360do.blogspot.com/feeds/posts/default/-/ 		2 KB
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tinhottrongngay360do.blogspot.com/feeds/posts/default/-/featured?max-results=4&orderby=published&alt=json-in-script&callback=recentposts1
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
blogger-renderd /
Resource Hash
8993f75df2c9e0d4f49d5610f307e05200e64a37a2f14bd1b38f03915223e5c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:path
/feeds/posts/default/-/featured?max-results=4&orderby=published&alt=json-in-script&callback=recentposts1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tinhottrongngay360do.blogspot.com
referer
https://tinhottrongngay360do.blogspot.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Oct 2021 08:36:45 GMT
server
blogger-renderd
etag
W/"f605ffc645f3b54e7c0d446bf6bbf7115dd5f7e72b1a160e563aff9b59cd9c3b"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
783
x-xss-protection
0
expires
Sat, 23 Oct 2021 08:59:21 GMT
no-image.png
3.bp.blogspot.com/-ltyYh4ysBHI/U04MKlHc6pI/AAAAAAAADQo/PFxXaGZu9PQ/w200-h140-c/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-ltyYh4ysBHI/U04MKlHc6pI/AAAAAAAADQo/PFxXaGZu9PQ/w200-h140-c/no-image.png
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
cbb1abeec0baceede77ec7ae2a83e9bc51a784a8d45af600c3ade3fddbe55b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 06:55:57 GMT
x-content-type-options
nosniff
age
7403
content-disposition
inline;filename="no-image.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4221
x-xss-protection
0
server
fife
etag
"vd0b"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 27 Sep 2021 10:18:45 GMT
7cHrv4c3ipenMKlEavs7wH8.woff2
fonts.gstatic.com/s/vidaloka/v13/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vidaloka/v13/7cHrv4c3ipenMKlEavs7wH8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vidaloka
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0ebf9b3326b5a2bfe147c5d5283b8718fbcfd4f72320fe974d21f4e7f271a7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 07:43:38 GMT
x-content-type-options
nosniff
age
90942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:21:13 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 07:43:38 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-05-06 00:54:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
64464
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5ddae06788be647b737745a273794173
accept-ranges
bytes
cf-ray
6a29c4d04aa4412b-PRG
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 06:51:05 GMT
x-content-type-options
nosniff
age
94095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
47804
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:51:13 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 06:51:05 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tinhottrongngay360do.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 08:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AE56 		77 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
0fcecabf1a58734d3a38b2f1a6a74ee87bfd3962d7087e3839786ee30d145b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 23 Oct 2021 08:59:21 GMT
server
cafe
content-length
23347
x-xss-protection
0
set-cookie
IDE=AHWqTUnILB-QofXVZltGiafRvJ2kO3nigU2vjhakB-CoZYslCRW16dxCWfdAsgHowNc; expires=Mon, 23-Oct-2023 08:59:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sat, 23 Oct 2021 08:59:21 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BD71 		77 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
3f37514d61ebde22e743cdb9cb966eea30ed97db6b54f1bed046b7071b02a63a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 23 Oct 2021 08:59:21 GMT
server
cafe
content-length
23285
x-xss-protection
0
set-cookie
IDE=AHWqTUlq0FJwZ7sJx8CVMRX3vGl6MWZob4qZWJS-iueK18Uh36GlYu9OkE8Z6Nvghso; expires=Mon, 23-Oct-2023 08:59:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sat, 23 Oct 2021 08:59:21 GMT
cache-control
private
summary
tinhottrongngay360do.blogspot.com/feeds/posts/ 		294 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tinhottrongngay360do.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=pageNavi&max-results=99999
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
blogger-renderd /
Resource Hash
01cfbef99d4d694efdaa8da3449e43f1e165dd86d3d86a57936f24a713ea14a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:path
/feeds/posts/summary?alt=json-in-script&callback=pageNavi&max-results=99999
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tinhottrongngay360do.blogspot.com
referer
https://tinhottrongngay360do.blogspot.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Oct 2021 08:36:45 GMT
server
blogger-renderd
etag
W/"50b8376bb05f8458ef4173927109c8e6baa711b1c8e520d6bc96c384aeea54c8"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
44317
x-xss-protection
0
expires
Sat, 23 Oct 2021 08:59:22 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame BD71 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:46:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:46:33 GMT
css
fonts.googleapis.com/ Frame BD71 		8 KB
715 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 07:50:11 GMT
server
ESF
date
Sat, 23 Oct 2021 08:59:21 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 08:59:21 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame BD71 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 04:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2798
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 10:37:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Fri, 21 Oct 2022 04:46:03 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame BD71 		353 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
c39f8588079e72fbf6af0e9c8f25cfe8367a233950984638ff6f8f8c5416ac21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125199
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 10:37:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Thu, 20 Oct 2022 12:30:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame BD71 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:51:47 GMT
l
www.google.com/ads/measurement/ Frame BD71 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmqa_GTvjMztNZpTiM0CDwXW8QOd0bv2y2XDMI7EO3WUekzucx6XRhgqw1X8V-lTLmOepdKznC1oFA9D6sO0b7ze2UUw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame BD71 		0
298 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kv3km7e2&c=5614056942567&slotId=2807028471283.5&qqid=CLu2zL-V4PMCFaHRuwgdX0kF2g&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BD71 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 17:36:17 GMT
x-content-type-options
nosniff
age
141784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 17:36:17 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BD71 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 01:47:56 GMT
x-content-type-options
nosniff
age
112285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 01:47:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BD71 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
401504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 18 Oct 2022 17:27:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD71 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=COszc6c5zYfudAaGj7_UP35KV0A2aganBZKv8lqqkDveS9P0IEAEgp4ecLWDJBqAB_IOcwQHIAQWoAwHIA5sEqgSfAk_QQb912m9mmuqJsa_ZzyuaJVWlrV9Q9EJA3CKP2pKm_s86P6zyHyzet93YxMhHQX1r_pvgBGk0UPnaqpYA6ootdjAVUDMNCzDlrJaqPGc-K6XuhBb_oSCtbp-Lp7YgWaqiv4u8KdRFrn2NewEu6I_VRAW5dvfOMYFXC4SR0uuP_sgrwJCPXMpX6U4dfAWvYkHN8oeTAvzvt-sO8JpbgTRz7-MM2KM9UpttfA0FqS643lo-6w7lDHO3MeLWOr7buCWz5f87q_gRZcASgN7ZuNW9eBMp6jVvB1XcJYcv8vjkw6YsHrcrzLCU4WVX6_fS4xiwfehu6sLsaEl1iv-hmH7Gs4L4zFgbP10HFLgpw_FANJNNICoUJVUbpdcASrFiwASPt5SC0APgBAOQBgGgBnaAB-z7474CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARhfgAoByAsB4AsBgAwBsBOX-asMyBOY3vndA9ATANgTCogUhxDYFAHQFQGAFwE&eventType=clickstring&clientTime=1634979561202&ai=COszc6c5zYfudAaGj7_UP35KV0A2aganBZKv8lqqkDveS9P0IEAEgp4ecLWDJBqAB_IOcwQHIAQWoAwHIA5sEqgSfAk_QQb912m9mmuqJsa_ZzyuaJVWlrV9Q9EJA3CKP2pKm_s86P6zyHyzet93YxMhHQX1r_pvgBGk0UPnaqpYA6ootdjAVUDMNCzDlrJaqPGc-K6XuhBb_oSCtbp-Lp7YgWaqiv4u8KdRFrn2NewEu6I_VRAW5dvfOMYFXC4SR0uuP_sgrwJCPXMpX6U4dfAWvYkHN8oeTAvzvt-sO8JpbgTRz7-MM2KM9UpttfA0FqS643lo-6w7lDHO3MeLWOr7buCWz5f87q_gRZcASgN7ZuNW9eBMp6jVvB1XcJYcv8vjkw6YsHrcrzLCU4WVX6_fS4xiwfehu6sLsaEl1iv-hmH7Gs4L4zFgbP10HFLgpw_FANJNNICoUJVUbpdcASrFiwASPt5SC0APgBAOQBgGgBnaAB-z7474CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARhfgAoByAsB4AsBgAwBsBOX-asMyBOY3vndA9ATANgTCogUhxDYFAHQFQGAFwE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame BD71 		28 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DwcnlM8mu6zJhF6AH_BnARdSXUHxC7IhJjCg6KVF7TjyeDM3dpe7XUmKk8SOsvLt35yO3v9MYsCmokpSp-vggTCtROHA&cry=1&dbm_d=AKAmf-AUpSAg2lTXyLx5ZtsBTLzz29kRwQ1paRQuWh-OX0qh7o_T4v9CysViwL_vFmc1JZ9HJeIacWl408cogmt4uskMYP7C9XEKHh_qbMARMrVb517wl-Mb5sKgXVZXYrkPkl9ZUucHslfk6FwJ6wnlGV0V83it5dIFDSxZSI930fTGv8TUmclXv5JaWGc3xylh6INYQW2S7mvN76pCNKXJRjiJldrcCqfGzt0-lH9my3sBipnKgs4tgWc4325rWsPbTBC-CKBVgcsBZWsew1GjG2gqvTqSceJKhPJ9fOwDWf0xLx6UxLlwx1OPhR9HoQticwblrC9pQmQ1S6bAXCiVI3_Xs-v0HPngceALEzy1HI9xHydU3r50g5Qw9-UG_BVVs-O7FY9oNwEDZXoiu4gOgZTgY5lQenY3VEQGNQKDoNfcUWbN9FoFUDddImR_Iwk7Kfs4KUR2DXJY7gSKXgqu1oVlw_bhkTjxMYs3w9vtkqYYQ8zyq4LPcczvOM6LmW2tWRrNyAfDeO8dqUyl2IkkUxHEPm2EvfPETMW6q-iHtfN3OOOoT5ndw3YRuw19UsaUv7fo4EQvQtk5HHeOLGwB-gFXAek10f3FdL8NWPjERXLtgLBDZ6Sxz1z9A2Ymq7BD78E1N_NGFm6_NDmwUTNsPh9i-3C83dEhD_kdTptDHLEgDT7RghQ8hIcBbveMTIjnQ81gv-JWXdhBWpH6dlORpH7dqnSqI5GV7hc9uW6S6ISCDkyG7HJt-h_QyXzS70nqUeCUVlxYB8Dzp_T_3ngYM-XFs3oRG4c_Pws2ptrkfssius_NUiy5C5UawidwIqwB2NMeb6mOSCn9ca9XCN2W82WxOTXW1s1qs6W3ZkWVPtzX7LXAR3R2K49BJHxZWUQ3F_K5PoQfsb5vELW2u38-EYCczmzJsr7iQ2TA68KWvGZWoalKR9T_Hlzs0YVxpaL6PKYgQv-hnoEPlX14qSNYv_I-dD4NfXtGMNi7GvzPGdy-npeluzgsiYS2rxbkYCNAtkFrDgc_GPBZC1jqDn-c4U3w8ZskYhCmh2Oj6poohZ2_uLb7oe1W-aQ0h1h5kNhYXrFX0tfeQKS0OlL6T4sTvTGfOr5yLRpSq7p0mQdw-5dqtxp1jo6r-86R_I9C9rrnwHaI74gM1ZmsoH25d3na_lvjr6Sx5K62f5f7wRgS6a1G_2P5a1BJivsOxFEiKvf1ReLZDEb50dvWLg6wq67k9YdKWh12N09m1cmwB8l1B-7EvGQh8K63icVB2eZc3xD_7jih1ER3RnaIfn1zDTmjoajHXZ512PB3yyP3LgLh435mFzX7OIHDda537JClgFHYyWT89J6Rmkv8soS5XWfZUsdj5Zouu7rdP_CI9Q-2f-aaeB4Sp7Tbl0rUJhDiS2eULsX1ZR9t4T9L6Y-TtvLgg_dnysVWM3-0oF1WnBo9t-t9RTwWoRIIzfM0V52RmvdHhGGdldkV_OoUP7nOvMFQ4P2s0hGHCrS6fmoCXFdVXvgUzmp0JnMansqvFtQ_Yv6LYZDlXsTZjDLzahNCKa_TgqyGX05s-CQ7aen1rSsuv21FimTfqeggNqUdMUG3hdbS261jnoyKTzxPn9kk_JTUstK3ulC6G6MwFOLMKaZcgpqSs0jz4lPrSFnMUwbO88kg9nWgLNW9Fd4AnU2Mrmy1gBUWLfdGzwZIwrZKf1AAECtEgKykqqTm2LG6WZgO9jAA7JFIzyNyhx1NHyvsJ2D3VKqO3V-ODYFBMpAtjcnvj42SoVkpNb2NvaXTYvVYe2uM8ZljnNvTqrZbAqvqyTvTJzkvp3ce4SVoM1JFR0zJC3hrz0H5Q5EYiZJkM3FfLE5YPIcAWaL8gzYnMGIcZkMK34aBv4BHWlaoYUwU_700FAR5WLMtwFn-ulGJcWZoe_iOkk7sIAyJZCltIxckU0sSvD_ckAZrkjSLsZRaExuLz-s4RrRyWznBj0RCUI4ulpf3hm-ILqRgmFRhMMJoAfzCklk5t9adlOlZmLVA-B0T5teROLlwjYdc-oGAlbphoytXza7GWWUNnhsjOs5SBENXd2EEEa3i_3L6U_rvZok0j9ZBOuDjuFD_BHxx4zFqTqkY8fM9GaCEYPsvK7Ww4k3YC6BNTiKzOFPAcv3iS3n5QwB0qUantkwAQkZDYQH1TIjhmVFjMPdVQ6WxxwqoWbQTdi1D9gJJi9QCPs_BCkrmRkxTWqzhKgrUzMlA-8bbAlOSmzmle8p4QIUi2AtC-cIrZwzaR3Spa1nniXkYMbYlFGNCulK8_xzXSvTozdAFMoXYFiTypeipyLk6m_ilwS1BbxmnszRHF_tnpncvTWzbYG5WSvVWPTZVcZBgKhsuQBONYf1m-9zljnne0njA26Uxv97_t6ML2Mglx7GNs_BIeeLTCU41EbLxkPKiqeWZK531-mUGLoJF6Dqh4GK7pl_6GPbdYF9BNV9dUfYzOKeaCGxMDzqfAd_aH0zc_oaFxhT-XkC3gET45h92wfUawC0ZA8xNEIFLSIZLD-4JxNNG_7mgJ0bpxksXTvuoC_wd269AI7iK8QKQCwLJ8jrIYrdxEdR5OnG_LGtkZ76jqL2DPx61M6J5zc3r7J6EbxPLNgT_l-VphWBAenBu_wL_9pg9e6XyHcW-SQ4lbmMOmZhcw5IpKAjlZXtFGpa5zIKwu8uxnav2T0e_6hiXWJ5ekZGdkbkj7quhOg1qKkXhwrwyPnz83_Q_KhP8Cku9y0AX3piT1gNL-7ou2PXW_0ifuvbIQwMy-i7LIXUIrSR8emL2bGrzBaVE_63HRPpnDvt5dk1dLxUE4a0M7XJ_Kf8toQFWf4Ct4Oy7v7R6IyvJy6c1iB08ajj0Tx8k9LrT1Q-n0hjsOMER1B-MTNmLHWSVxHzKmLTmnMdU-J08KKGVEuWMe0Cclq5htIWl3dCIHw9KdpKOhKGhnd7oNsQXMJy0zQeZpmSdAzYJcAC4fiD5GXi5lbODMZgM554I6HegzPXcigbsLngc_KyrCd4HwApncTABylMFESym5s2V8YJWuUbwRtgXEYrCOlKt9jwnvflvz9QCjCKkpI2Pteyo7TDOtfey_YoZi3MZewDsbrIG7hoMDB5gpUINQ-cfTTOoDjNkmoJWWIA7d4rMzSLQqsIFwmXmItL_C4s-At6t6Pomv4bKV45MKtmAdRw6EKy0sneRxb_4qE1553UzSwLYBs2yVndUiSoma8TCbekcHzO4xGWC79sZ6CjcYTrDfU6KUrnNPAq4jXKBGfqnEzlEqhoOIZxTymPEjs1jBXgy7k4QlRZFeJzDz4iwSd1kpiDe2ZFOiWyxS-M88GeT8qU_kGRYREWNSMF-k8EK1F2GflCOktCHNqi-AjkQCPmOUmcG_CKQ0QmfO6UyGnAB-ynZmvWvOnQznMAe23YOtzhIpzLJoA3X1YWiU8d6DOCLeVrhEzUEDQ8hEjJLz6YdP11ghLA23PG3INUXWjvYww&cid=CAASEuRoEqD1BQlmCpuexDJ12tBGGw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f157.1e100.net
Software
cafe /
Resource Hash
4bb09e0610d89521ad525926d76dac479fc86eb3fc6dc85ba2e4f0aecf25c970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13947
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BD71 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClOqL6c5zYfudAaGj7_UP35KV0A2aganBZKv8lqqkDveS9P0IEAEgp4ecLWDJBqAB_IOcwQHIAQWoAwGqBJwCT9BBv3Xab2aa6omxr9nPK5olVaWtX1D0QkDcIo_akqb-zzo_rPIfLN633djEyEdBfWv-m-AEaTRQ-dqqlgDqii12MBVQMw0LMOWslqo8Zz4rpe6EFv-hIK1un4untiBZqqK_i7wp1EWufY17AS7oj9VEBbl2984xgVcLhJHS64_-yCvAkI9cylfpTh18Ba9iQc3yh5MC_O-36w7wmluBNHPv4wzYoz1Sm218DQWpLrjeWj7rDuUMc7cx4tY6vtu4JbPl_zur-BFlwBKA3tm41b14EynqNW8HVdwlhy_y-OTDpnQfLd5fItJzzNRegHtWY3f486tvoC-wK7Z6n7uSos-aml8RxQD6-rsHljEdLYBWULecOTg9_q0IoKnABI-3lILQA-AEA4gFnMWXoDWSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB-z7474CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHChCuogUYtPvSsQHSCAcIgGEQARhfgAoByAsBsBOX-asMyBOY3vndA9ATANgTCogUhxDYFAHQFQGAFwGyFxwKGggAEhRwdWItOTAxOTUxNDMzNDgzOTk5NRgA&sigh=ZWrrgpZitqk&uach_m=[UACH]&cid=CAQSKQCNIrLMnRGZDob5Okb_xQWHBSmGxOdBtxDE33PMgIZsvEHDsHH9379L&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 23 Oct 2021 08:59:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E9BD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 23 Oct 2021 08:58:57 GMT
expires
Sun, 24 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
24
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame BD71 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d877c7a0bba0e8c245383ca736887ae77569d680f0c5b7b926b09628cece511

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame AE56 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:46:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:46:33 GMT
css
fonts.googleapis.com/ Frame AE56 		8 KB
715 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 07:27:58 GMT
server
ESF
date
Sat, 23 Oct 2021 08:59:21 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 08:59:21 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame AE56 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 04:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2798
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 10:37:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Fri, 21 Oct 2022 04:46:03 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame AE56 		353 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
c39f8588079e72fbf6af0e9c8f25cfe8367a233950984638ff6f8f8c5416ac21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125199
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 10:37:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Thu, 20 Oct 2022 12:30:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AE56 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:51:47 GMT
dpixel
cms.quantserve.com/ Frame E9BD 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHu0ObSZV3tQ-SYF8p9KHkQ&google_cver=1&google_push=AYg5qPI8T9XL40hpGdUH6shqcsJAJgWcRc803tLi_EwdpSFfaoXkb7UKV3FeAmxxOjaLf4Xk-ENn4WdZhXyJBbjMa5pJG_JZkg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9BD
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEIPIeSDpabr_lj4oQoF-qyc&google_cver=1&google_push=AYg5qPJWpayTgT6pt0oRhp41mcTIw53ycLRwHSCRnWcbST-jeiUNXEp56YcHBogCuydk-4ljBzY9CzxfS4THczq5ugzMXBzree8
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJWpayTgT6pt0oRhp41mcTIw53ycLRwHSCRnWcbST-jeiUNXEp56YcHBogCuydk-4ljBzY9CzxfS4THczq5ugzMXBzree8&google_hm=Q0FFU0VJUEllU0RwYWJyX2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJWpayTgT6pt0oRhp41mcTIw53ycLRwHSCRnWcbST-jeiUNXEp56YcHBogCuydk-4ljBzY9CzxfS4THczq5ugzMXBzree8&google_hm=Q0FFU0VJUEllU0RwYWJyX2xqNG9Rb0YtcXlj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 08:59:21 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJWpayTgT6pt0oRhp41mcTIw53ycLRwHSCRnWcbST-jeiUNXEp56YcHBogCuydk-4ljBzY9CzxfS4THczq5ugzMXBzree8&google_hm=Q0FFU0VJUEllU0RwYWJyX2xqNG9Rb0YtcXlj
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9BD
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGTD4PLQg1TlHZwL93U0q38&google_cver=1&google_push=AYg5qPIA0m8ScTxEMF8PnzlwTHiH2HVPhvBAxz_9dqqQRcCNDwA9Y7JbkGXcStw3gOJyfJNftKfQo9yUily-qUkXp_o8QLFG_w
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGTD4PLQg1TlHZwL93U0q38&google_cver=1&google_push=AYg5qPIA0m8ScTxEMF8PnzlwTHiH2HVPhvBAxz_9dqqQRcCNDwA9Y7JbkGXcStw3gOJyfJNftKfQo9yUily-qUkXp_o8QLFG_w&ox...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIA0m8ScTxEMF8PnzlwTHiH2HVPhvBAxz_9dqqQRcCNDwA9Y7JbkGXcStw3gOJyfJNftKfQo9yUily-qUkXp_o8QLFG_w&google_hm=OumZKaRYz8ErZTVfavDBGw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIA0m8ScTxEMF8PnzlwTHiH2HVPhvBAxz_9dqqQRcCNDwA9Y7JbkGXcStw3gOJyfJNftKfQo9yUily-qUkXp_o8QLFG_w&google_hm=OumZKaRYz8ErZTVfavDBGw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:20 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIA0m8ScTxEMF8PnzlwTHiH2HVPhvBAxz_9dqqQRcCNDwA9Y7JbkGXcStw3gOJyfJNftKfQo9yUily-qUkXp_o8QLFG_w&google_hm=OumZKaRYz8ErZTVfavDBGw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
h8lkk1jclqsj4cof70p4g3hak85nsekc
pixel
cm.g.doubleclick.net/ Frame E9BD
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKlBdxyYB7rT12ss_wSbBhFIN_4Ilt1yb4FcLFBRI_F3j-OdjjI2ph_qYXHYliVahaSCoDxqjjWUmF4dLPE0C_T0LqNSZ0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKlBdxyYB7rT12ss_wSbBhFIN_4Ilt1yb4FcLFBRI_F3j-OdjjI2ph_qYXHYliVahaSCoDxqjjWUmF4dLPE0C_T0LqNSZ0
date
Sat, 23 Oct 2021 08:59:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E9BD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMl8mBj95OQ-8keiIa1gQHs&google_cver=1&google_push=AYg5qPLn_aje30qgkGzn40wml7t4S2HckBWits19z3Ik9FbfgKO3wQIrsxtlj-8Aoea22FMEnQY...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1YzS003TjctMjQtNU5GUg==&google_push=AYg5qPLn_aje30qgkGzn40wml7t4S2HckBWits19z3Ik9FbfgKO3wQIrsxtlj-8Aoea22FMEnQY9Hp36s7LdiMS_-Io18fUU0_0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1YzS003TjctMjQtNU5GUg==&google_push=AYg5qPLn_aje30qgkGzn40wml7t4S2HckBWits19z3Ik9FbfgKO3wQIrsxtlj-8Aoea22FMEnQY9Hp36s7LdiMS_-Io18fUU0_0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1YzS003TjctMjQtNU5GUg==&google_push=AYg5qPLn_aje30qgkGzn40wml7t4S2HckBWits19z3Ik9FbfgKO3wQIrsxtlj-8Aoea22FMEnQY9Hp36s7LdiMS_-Io18fUU0_0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame E9BD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1x...
0
0
/
cc.adingo.jp/adx/push/ Frame E9BD 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEMSMLDkx41Dr6qkEKqouu5E&google_cver=1&google_push=AYg5qPKlI5s7pknqe72DKiHEep9aHU-gV8goGjLpNEQ8LrO92iCngrCiqwi5NmZHjhMZttUQpq4DpL5LPDSQzeo80MRVVYJCJSQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.212.164 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-212-164.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:22 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame E9BD 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IT-lCG32wn7c4R_LHdArBdhxiqHedZ6W9UF5aGf_a3sq8XwTw3B1haQZz6B5OsoxyzP0sO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BD71 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:50:15 GMT
x-content-type-options
nosniff
age
230946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5524
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 16:50:15 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame BD71 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 05:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 05:36:45 GMT
file.mp4
r2---sn-4g5ednsz.c.2mdn.net/videoplayback/id/18513d1180abbdec/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666515561/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BD71
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/18513d1180abbdec/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666515561/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r2---sn-4g5ednsz.c.2mdn.net/videoplayback/id/18513d1180abbdec/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666515561/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednsz.c.2mdn.net/videoplayback/id/18513d1180abbdec/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666515561/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DD3F1ABD26B5943CCC0B81CF6849FECD4247F53.2F760B5C0DCF44A5D378DA55019B1DEC9EC64761/key/cms1/cms_redirect/yes/mh/hS/mip/216.131.114.199/mm/42/mn/sn-4g5ednsz/ms/onc/mt/1634979386/mv/m/mvi/2/pl/24/file/file.mp4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=3161970930&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560721&bpp=4&bdt=1869&idt=4&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280&nras=1&correlator=1818879106324&pv_h_ch=L0007&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hsVK8NAMov&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.194.188.135 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s34-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:21 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2238036
Last-Modified
Thu, 05 Aug 2021 12:58:36 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sat, 23 Oct 2021 08:59:21 GMT

Redirect headers

date
Sat, 23 Oct 2021 08:59:21 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
645
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r2---sn-4g5ednsz.c.2mdn.net/videoplayback/id/18513d1180abbdec/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666515561/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DD3F1ABD26B5943CCC0B81CF6849FECD4247F53.2F760B5C0DCF44A5D378DA55019B1DEC9EC64761/key/cms1/cms_redirect/yes/mh/hS/mip/216.131.114.199/mm/42/mn/sn-4g5ednsz/ms/onc/mt/1634979386/mv/m/mvi/2/pl/24/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 8A07 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Sun, 17 Oct 2021 10:51:41 GMT
expires
Mon, 17 Oct 2022 10:51:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
511660
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
csi
csi.gstatic.com/ Frame AE56 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kv3km7j7&c=8787502695495&slotId=4393751347747.5&qqid=COq0zL-V4PMCFSqF_Qcd_isJAg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318475489%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AE56 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 17:36:17 GMT
x-content-type-options
nosniff
age
141784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 17:36:17 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AE56 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 01:47:56 GMT
x-content-type-options
nosniff
age
112285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 01:47:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AE56 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
401504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 18 Oct 2022 17:27:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE56 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CDxro6c5zYaqcAaqK9u8P_tekEIDyjvRl6eLq3vQO8C4QASCnh5wtYMkGoAH-7ra5AsgBBagDAcgDmwSqBJwCT9BBfvwLquYD-2Ia60FStNJZ8EN5OhFso95EReJWitS_Vl9F0UD8jE-WCMQgzyFPBsIPtey4hPJnZxr0_-KmqMOTiWLDVF0D79cW8zHNAqo5ukL9Hng2oqFaXq6rbmev2BB1B8YoA8BpeHV9YHy_rFB_1Yfh7Et0RB4XVV8nNKdROVW9mBFN9fy2cd66n38J4fUmL66Fb0bvtDiHtcui8XLW0baq0c7gjR4yrwJfL17z_eFV6AUrz1RhRuPIkSq-kix_epCdyBXxSGWa-1qtNzG588ADkkNXQ69Q6YjSEu4Ohv3_soXeE6pt1Ymw5On7nWOBrRxC1SltNVX7LdpEiGQqz76A-_KVYPKtXa7DrK5fZX4EeAUISjYHtCzABJjOwtfgA-AEA5AGAaAGToAH6pDJxgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGF-ACgGYCwHICwGADAGwE_nPgA3IE5KJzt4D2BMKiBQD2BQB0BUBgBcB&eventType=clickstring&clientTime=1634979561386&ai=CDxro6c5zYaqcAaqK9u8P_tekEIDyjvRl6eLq3vQO8C4QASCnh5wtYMkGoAH-7ra5AsgBBagDAcgDmwSqBJwCT9BBfvwLquYD-2Ia60FStNJZ8EN5OhFso95EReJWitS_Vl9F0UD8jE-WCMQgzyFPBsIPtey4hPJnZxr0_-KmqMOTiWLDVF0D79cW8zHNAqo5ukL9Hng2oqFaXq6rbmev2BB1B8YoA8BpeHV9YHy_rFB_1Yfh7Et0RB4XVV8nNKdROVW9mBFN9fy2cd66n38J4fUmL66Fb0bvtDiHtcui8XLW0baq0c7gjR4yrwJfL17z_eFV6AUrz1RhRuPIkSq-kix_epCdyBXxSGWa-1qtNzG588ADkkNXQ69Q6YjSEu4Ohv3_soXeE6pt1Ymw5On7nWOBrRxC1SltNVX7LdpEiGQqz76A-_KVYPKtXa7DrK5fZX4EeAUISjYHtCzABJjOwtfgA-AEA5AGAaAGToAH6pDJxgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGF-ACgGYCwHICwGADAGwE_nPgA3IE5KJzt4D2BMKiBQD2BQB0BUBgBcB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame AE56 		30 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CIXh-ZRgpZgxk0Jcd0biV9G7hHeKNB4yQMt63qb9APOJ8O2psHZLNJ95AjBRA44T2Ox557HlwfV4N7imOIe_ikrcVaQA&dbm_d=AKAmf-D5ncyYy3rL_T27CxqToLulU2LJBvXcaGe1_blyjV69msr7B4dUxwfQqXd47AI_K73lAoJ20ty26BFD-RPAimTSx-H-w4-3OC6YlP8RfDWC7L6CXwMWBY61X-WzM-QmfCXDKHVMTJq9xetBn3pn-ZN-bdEVnMujkSRnt6NHrARa7e-pJiwdlNEYitapBukczpqvvUl_YyMCqpbU_iU-d0_rzgw1zDMHFB0UI5thbkwfdb08o-jzCXdofiy3bjntkr1xb0NAcpo7zgGSLJmK8j03RT2nJY079TXv8p-EcDaRWinCXyYN6VXWEJnPOBXxy1AnWGBl1_rrhlnI-M9EJJufvv80uKPQDBbxcJfKM2aiNxgOt_mG6ds6gTEJ1jX-xkmwQpH-M8qefTGsiUI_5C2K7VIq10geoyWvg14CxTdE2MT9pHUQzYJXwDQFexHHAL4d6-M9nylmH0gvs5z2zPcFzVxsKx-iSVd6uS27uZXL8oanaEoYESoxVcTl0p87JaHc0wbXdVxL1DANmgZtv9tnVvIiIySOjC7n8AyhCDnC4uaSphZjn5rOBSXl-9P49ebc3Sz5-hxtvqrbpTuGBSuJPVtd-xKx-TrW782o5ieGHtzZ7z1Y8aixicDdrvq2WIdu11x7gjoXFushBg2xa5LDdtl2pzgrupyp4Rjvnryd0X3tILbV-r6IH2MlMIh5D0Al3DdFnc53r1dZhSqjaBoHgWmiL5bZly_1b1r7qxsgt61odmsU7P1Sz_L6I9iNyopa_A2BoA2WIbuTkEH2OwziUyfFgNxYAT9grmEXxOj4atxyJkHQwo5YT0hzOCblqxVZYRikarjCkcShaGSugZvseY4ZdtOuqQqF-vP2mN-oUYySzSoEEq1zYnqCBj0olyijmuLHou4dl6U9wihL2QKt0GpONDJg4ApiwAsepwLKoHJh8_rF3VjVlLEpYFtsaNTIsgmnR0E1G5PlKtKnHkeApbxshNPkY4SAwMpRUas1kQzw3JJT4IoHPKqphHBpST1zbJmh7V4PG_3lA2J3MyoDNGKxJDF0bhhMcM9dycN_2jplwihsiV1ouErYor8FN2SIIVHnMziuzTFgkLPGkUBf4Once1JhbIJeAlZXZvhjmXshB5fj1WjXL0t87ftODJthSdaGdmMLnfFuOVgAkCzoLKm8wY4q1CNMQwmUocKvO8ObYWFGC9tbDH_K12UhWTk7sgLLNaaHl0fjUUVDF41W2_QGlFQzSLPVZin34mwsxf3369nnZD2IMabNr-iSC4S1-qGRf60QtRtByeoG3LmiKBroqQPeNNxXaK9SeMfjhIitA-XN4zuKoPxyb4oBb3Mt-KIsAZrgckvnafy_yzUJkj9vOtJL4r9vYZEPn_LYD5rXFBuV9hJLKtADZzzNl9Kpb-EgyPUJao-gYu0LqDCIYqwpOWDX8VBECOtiecWT1EVZCyO3vaSYOlo1huuyMGmYF94xXwomB8sl26f_Hxz93XxhrwX9gapN46CZpcsNmybr1Bg6Zlml-apJN8Qh3D-7ndYMOQ-VDIsVRkyYKTtv5D134h9klu6oUwSB_cuT6hFpnygPkwqdVDzsX4y5I1mN_OAGGFed_fTHfV3nr9kd-qdIXb2erSUDqlXi-p4BX-BREDGjYlgWWIRbxwCiy9puv1bbqnlDZXCJlvDKwTNKFbk72K1lvml_jiiwjdaF_5UxAq39NDFtWorRUsHvEv_Llh9aeSJhSONulvd3ww8HWRycawgIMhj9NLG0Wy-sS60HGTzxVmQgE1aIGExSNDIR14EwSEQ1HdA0onWdET1mMtzKaSb-h-SaGNHCJyyVmjzg7_MGK6WSw56aFIK_yILqtOYz9MOmQnX1gUz_Zs-m0Up1rmQnc9vk8KNuA1Htq5VjtcZxl5ZhN4R7hGTcHryCm6XfG1qqlK71hfiphysL0DHPRqGLD0nw3ng6322j8vH6MrijxbxfpHm8ksAbNAvurmmB18_5xlr3oBgE2OhoWlCqDw1BR-blBP9hVaWfiAzlC6V34G2Ma3mN2VGS3ivf4LSfxF1fWBV746vkSXp37u4L6SQGaF7Jjq3cGCm7hiK9YIP7pKYdIMjhHhQe2zdG7N5s_C_WmDHvMBUu5gG3x-YsYFAkiFchfqBDR-rHUgWBR8iy1I3vBV8_3iDExt3BGkygV4-R713cBZhlstrEGjiOofT8psTPei8z5wZWvyCLZKXrXJdneC6LWZUTx8W3duxCM8FKhI9dt6ZaWqS4yzh6UHtqXzEpQ-8hxJfgca2U9ORPAkomeQ47mBx5OrQSGlymUdB0nryedD2wtPpj7Astc_frYU--85i_vTFw5TxsVUcte8jhFnVDzCFZRAz9wAlRpEg-548PlZFba2JWT42Mlisd0aXfd9mGw20qolLn5e_k_ERUNuPuE-OyWs8CTUhapLhD7FHM97SVfMkpSvIrIKIO3Xe8jw-njZKtTpf5N1JkZDeT4aDNNrRalIzkZvTHD21TFjYpZdTk1-NSNrgJo1OnYwc8Z4_2m8AVtpd8dteESD-1G5rT_tJHqpv8UDBcygs1i7i5_cWzOPyvyLGK0t5fzF1hLJUhlb6vvIrtUDAvWem6rUkohAE-fMNEv-siJ9BDoc1EqKVNnfjWiffxJEbGIG6VLkPWkfZ3-zmI0V09kcPl1GZNeaUkDqhq994APQ4wY6MS1tvSDmr9j_NT9KUpGWEDmFVEye0KgboQM9k9wYaPUyDO2-0SF0HZnL31NguiXl4_1qht3wmbtm15JGF1fUT4nLob1VhVROjugB476oXIx67TJ9mP01HwWLZoMIuzNeJvmjoDKYLqvSbFnWpZC6RuwcGbpb1I4syppnVdOpTplPqTigE9QgNod8pmK8DKAAuCE_FQqjILqunybEGqj-XwnDEuQ-xQTUGSg9cwsRELTI0hfsLn8-YAxJmvH1zRpDI02jFK4QHwvs0wh1J65YR4wE7-4Uk9-_OO0spayuBEzlQmYcPpLOXbj1fL-YEyaWYqBtXAYnhOkMaFY-J4pLRZulZIDbpDr2eUwOdKQmL9NVhUWF7HsxgLFv2V92eyI6khnhrQWnrGtdmoBiW43ZrcTsbP0MV_a_UtfQXqxyJnZodDAKmOWgdOriJdS3N5qHWwMJHeE9JXCG827hjuel7ekeOwiHpaRpyeMs0sp84XCIedOtx_-y3Fdxn3qY0aDJINvcHzb2yBxgT666UAmCrUmMLjc8qktlJVYOv5FwqI8v5WacFEjr0r1gyO8SohnuASdKTGut8cp7DCCf3glN9-JLYassglN1KZ1U6PFyQ5nL5ZGwnLBAVd1FUB2TT_UN-vr4GxQRO9PL9YHOCK8vzZ7sU3xpe6tBZ9z9mxb-T2uzltY-F4ck70T_JJ02li38x4Zy21QmPQq9QHHEi7Tu682CxDYNbLrhu7WMX0Khk4BMD5AZafuGCo2msny7jf_EcuYiGvYdK0Jwd3j-FdMXEZQx9PmNKGQ4nkriw6PnmQhXpGUbgulxc8BkD3&cid=CAASEuRocxiKRlUP7PIA32SMg-uRQw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f157.1e100.net
Software
cafe /
Resource Hash
a1fbdad10e5e36c274797582a15b26038440b9354d8194e4d81611dab406b323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14366
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AE56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CM-T56c5zYaqcAaqK9u8P_tekEIDyjvRl6eLq3vQO8C4QASCnh5wtYMkGoAH-7ra5AsgBBagDAaoEmQJP0EF-_Auq5gP7YhrrQVK00lnwQ3k6EWyj3kRF4laK1L9WX0XRQPyMT5YIxCDPIU8Gwg-17LiE8mdnGvT_4qaow5OJYsNUXQPv1xbzMc0Cqjm6Qv0eeDaioVperqtuZ6_YEHUHxigDwGl4dX1gfL-sUH_Vh-HsS3REHhdVXyc0p1E5Vb2YEU31_LZx3rqffwnh9SYvroVvRu-0OIe1y6LxctbRtqrRzuCNHjKvAl8vXvP94VXoBSvPVGFG48iRKr6SLH96kJ3IFfFIZZr7Wq03MbnzwAOSQ1dDr1DpiNJK77zs9dVSt0yUQKDpRn3SOTGGuUuwkZbIpJElSPGp022Q6-8dpVoTZoFO6iTIYt4hWMtxUhz92t12-cAEmM7C1-AD4AQDiAXqkdTyN5IFBggDEAEYAZIFBggbEAEYAZIFCwgiEAEYAUimqZwBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAfqkMnGAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ1JZYGPztjLgB0ggHCIBhEAEYX4AKAcgLAbAT-c-ADcgTkonO3gPYEwqIFAPYFAHQFQGAFwGyFxwKGggAEhRwdWItOTAxOTUxNDMzNDgzOTk5NRgA&sigh=oygn644FhbE&uach_m=[UACH]&cid=CAQSKQCNIrLMUFZfBHU6bh0XgC8dicAN6cIdkO7ihCiXSdzU_TEpeLRJ5917&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 23 Oct 2021 08:59:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A36E 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 23 Oct 2021 08:58:57 GMT
expires
Sun, 24 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
24
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame AE56 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82ff561e1774f0e032b7baa80469f401d0d5d7043989b3ec8797ed161cffb0e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AE56 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:50:15 GMT
x-content-type-options
nosniff
age
230946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5524
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 16:50:15 GMT
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame 8A07 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
36045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
pixel
cm.g.doubleclick.net/ Frame A36E
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENOJQjDLURFtsJrkgP6hjm8&google_cver=1&google_push=AYg5qPL5_sjYHG-ZkkPVFAX6HixQtxFdDCN6UerkKJ-hJBbbw1erX3hgzM...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL5_sjYHG-ZkkPVFAX6HixQtxFdDCN6UerkKJ-hJBbbw1erX3hgzMqh6E_rDK4PCXLtCp_zymZw30mgRTPWFdw-3ePdnRk&google_hm=Cd1379g...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL5_sjYHG-ZkkPVFAX6HixQtxFdDCN6UerkKJ-hJBbbw1erX3hgzMqh6E_rDK4PCXLtCp_zymZw30mgRTPWFdw-3ePdnRk&google_hm=Cd1379gHzAeatOD5JZ8wAA
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL5_sjYHG-ZkkPVFAX6HixQtxFdDCN6UerkKJ-hJBbbw1erX3hgzMqh6E_rDK4PCXLtCp_zymZw30mgRTPWFdw-3ePdnRk&google_hm=Cd1379gHzAeatOD5JZ8wAA
pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A36E
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJLtTF_...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJLtTF_...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjMwODU5MjEwMDA5MDk4NDYyMzMyMQ%3D%3D&google_push=AYg5qPJLtTF_xicYjESekBLKkJyBp83hgXBQDKycJBWp6vSgTnb_akxPyimAI5remd5xh6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjMwODU5MjEwMDA5MDk4NDYyMzMyMQ%3D%3D&google_push=AYg5qPJLtTF_xicYjESekBLKkJyBp83hgXBQDKycJBWp6vSgTnb_akxPyimAI5remd5xh6xDoFePGgV9QCnWkdoqeF9DnIJQlv0
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjMwODU5MjEwMDA5MDk4NDYyMzMyMQ%3D%3D&google_push=AYg5qPJLtTF_xicYjESekBLKkJyBp83hgXBQDKycJBWp6vSgTnb_akxPyimAI5remd5xh6xDoFePGgV9QCnWkdoqeF9DnIJQlv0
pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sat, 23 Oct 2021 08:59:21 GMT
sync
odr.mookie1.com/t/v2/ Frame A36E 		43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEI9ryton2IH41axVpRUzb3s&google_push=AYg5qPJ6B13I-LNaTjIt9tiCY4BI0lSSlLHt-jQPgmVlcqxcvi11vV_X-g_b7osQUHxDkEEXelD_dEnIqesry5hFiaND_maS2Ts&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame A36E 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEGhYCPcAzHZU7t5MJWYWGyc&google_cver=1&google_push=AYg5qPLNeubaKWr94SH7D-TP8ZdMHKwYafWX13zcMHDVBkwXNpmBAGHnQKwMyieiLsY6KyNf-zg5YlRe_rdp3B6DZjcBhc3p63U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A36E
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEHm18hxtYa2jIYC9vFg0j3Y&google_cver=1&google_push=AYg5qPKB28XQDyq7ZwLQ8BU0ES7clE1obpZuyFs2PxbjkwKlNK_aSVZxMnwz9OH9tB0BBgyB6V5ty1TFUvPpra-iuQ5YJzhgoA
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKB28XQDyq7ZwLQ8BU0ES7clE1obpZuyFs2PxbjkwKlNK_aSVZxMnwz9OH9tB0BBgyB6V5ty1TFUvPpra-iuQ5YJzhgoA&google_hm=OumZKaRYz8ErZTVfavDBGw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKB28XQDyq7ZwLQ8BU0ES7clE1obpZuyFs2PxbjkwKlNK_aSVZxMnwz9OH9tB0BBgyB6V5ty1TFUvPpra-iuQ5YJzhgoA&google_hm=OumZKaRYz8ErZTVfavDBGw==
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:20 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKB28XQDyq7ZwLQ8BU0ES7clE1obpZuyFs2PxbjkwKlNK_aSVZxMnwz9OH9tB0BBgyB6V5ty1TFUvPpra-iuQ5YJzhgoA&google_hm=OumZKaRYz8ErZTVfavDBGw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
2khul9ttirgo93o2ub94l0epgtt2hhve
pixel
cm.g.doubleclick.net/ Frame A36E
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKlI0Ow5r_7Ajl55dmRliPXwbzIVaAtSSs2FFtCt4j_6V8UWgAUmlu4KYIKZWnJKws494PsjbVdLrxFm4pz1kAPvR2nVQ
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKlI0Ow5r_7Ajl55dmRliPXwbzIVaAtSSs2FFtCt4j_6V8UWgAUmlu4KYIKZWnJKws494PsjbVdLrxFm4pz1kAPvR2nVQ
date
Sat, 23 Oct 2021 08:59:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame A36E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOPkFScxLTHT5_56h-x-EBI&google_cver=1&google_push=AYg5qPLk0lOPyZmnzUT1d03dIcG_nE9F5TQC1Wiih-b15YOuuAieOAXz5bU9sWqZ56I0mBWZMTt...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1YzS003UVctMVYtRUhaSw==&google_push=AYg5qPLk0lOPyZmnzUT1d03dIcG_nE9F5TQC1Wiih-b15YOuuAieOAXz5bU9sWqZ56I0mBWZMTtL0od_TVIx7N-ur4INCO-udv4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1YzS003UVctMVYtRUhaSw==&google_push=AYg5qPLk0lOPyZmnzUT1d03dIcG_nE9F5TQC1Wiih-b15YOuuAieOAXz5bU9sWqZ56I0mBWZMTtL0od_TVIx7N-ur4INCO-udv4
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1YzS003UVctMVYtRUhaSw==&google_push=AYg5qPLk0lOPyZmnzUT1d03dIcG_nE9F5TQC1Wiih-b15YOuuAieOAXz5bU9sWqZ56I0mBWZMTtL0od_TVIx7N-ur4INCO-udv4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame A36E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IduJNRmNInvZxRvez012qlABNjmRrkilXSpvYBoNCeiQu1BH3jslLPtBaOAixFovGxwSWI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
file.mp4
r2---sn-4g5ednsz.c.2mdn.net/videoplayback/id/18513d1180abbdec/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666515561/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BD71 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednsz.c.2mdn.net/videoplayback/id/18513d1180abbdec/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666515561/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DD3F1ABD26B5943CCC0B81CF6849FECD4247F53.2F760B5C0DCF44A5D378DA55019B1DEC9EC64761/key/cms1/cms_redirect/yes/mh/hS/mip/216.131.114.199/mm/42/mn/sn-4g5ednsz/ms/onc/mt/1634979386/mv/m/mvi/2/pl/24/file/file.mp4
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.188.135 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s34-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
013c821f6dfee23afd1e79e336a0af63b4ca4c6a70ade399be9c56d370e25e1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 23 Oct 2021 08:59:21 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2238035/2238036
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2238036
expires
Sat, 23 Oct 2021 08:59:21 GMT
last-modified
Thu, 05 Aug 2021 12:58:36 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame AE56 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 05:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 05:36:45 GMT
file.mp4
r5---sn-4g5e6ns7.c.2mdn.net/videoplayback/id/41fb00a355d0fa4f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779113449/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame AE56
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/41fb00a355d0fa4f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779113449/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r5---sn-4g5e6ns7.c.2mdn.net/videoplayback/id/41fb00a355d0fa4f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779113449/sparams/acao,ctier,expire,id,ip,ipbits,i...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5e6ns7.c.2mdn.net/videoplayback/id/41fb00a355d0fa4f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779113449/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/651676B2A8AECC426E34B7972C9F9FA5EFBF2927.75E9319218CB6CF6581C9C875A85DBD097D1FE7C/key/cms1/cms_redirect/yes/mh/w1/mip/216.131.114.199/mm/42/mn/sn-4g5e6ns7/ms/onc/mt/1634979145/mv/m/mvi/5/pl/24/file/file.mp4
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.194.182.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s30-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:21 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4415312
Last-Modified
Tue, 19 Oct 2021 17:44:08 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sat, 23 Oct 2021 08:59:21 GMT

Redirect headers

date
Sat, 23 Oct 2021 08:59:21 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r5---sn-4g5e6ns7.c.2mdn.net/videoplayback/id/41fb00a355d0fa4f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779113449/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/651676B2A8AECC426E34B7972C9F9FA5EFBF2927.75E9319218CB6CF6581C9C875A85DBD097D1FE7C/key/cms1/cms_redirect/yes/mh/w1/mip/216.131.114.199/mm/42/mn/sn-4g5e6ns7/ms/onc/mt/1634979145/mv/m/mvi/5/pl/24/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AE56 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kv3km7je&c=8787502695495&slotId=4393751347747.5&qqid=COq0zL-V4PMCFSqF_Qcd_isJAg&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=979&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&met.4=videopreviewvisible.lm
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame C93E 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Sun, 17 Oct 2021 10:51:41 GMT
expires
Mon, 17 Oct 2022 10:51:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
511660
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
file.mp4
r5---sn-4g5e6ns7.c.2mdn.net/videoplayback/id/41fb00a355d0fa4f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779113449/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame AE56 		4 MB
4 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5e6ns7.c.2mdn.net/videoplayback/id/41fb00a355d0fa4f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779113449/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/651676B2A8AECC426E34B7972C9F9FA5EFBF2927.75E9319218CB6CF6581C9C875A85DBD097D1FE7C/key/cms1/cms_redirect/yes/mh/w1/mip/216.131.114.199/mm/42/mn/sn-4g5e6ns7/ms/onc/mt/1634979145/mv/m/mvi/5/pl/24/file/file.mp4
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.182.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s30-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
ccfe5937aa746cfead160b1dd3886b7fed3d73cc8476b920f10cc65b4cf48e02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 23 Oct 2021 08:59:21 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4415311/4415312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4415312
expires
Sat, 23 Oct 2021 08:59:21 GMT
last-modified
Tue, 19 Oct 2021 17:44:08 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
csi
csi.gstatic.com/ Frame AE56 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~kv3km7m1&c=8787502695495&slotId=4393751347747.5&qqid=COq0zL-V4PMCFSqF_Qcd_isJAg&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=979&mt=video%2Fmp4&vs=640x360&ple=0&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F41fb00a355d0fa4f%252Fitag%252F343%252Fsource%252Fdoubleclick_dmm%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F3779113449%252Fsparams%252Fid%252Citag%252Csource%252Cctier%252Cacao%252Cip%252Cipbits%252Cexpire%252Fsignature%252F5A4FD9D0AAB39EE7301CDF10F60B93D0E4DCE4E5.81B6687CB70DA12AF963F9226A6C3BA70452893F%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A07 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BTayc6c5zYZGTHJWQ1wbfzY6gBQAAAAA4AeAEAg&bg=!9_Sl9LDNAAbUs_yW1LM7ACkAdvg8WsxfRQb05vx6CMFqBttwNygF2zVP8YTaoHkAlAnLz4WbgHpyZgIAAACcUgAAABNoAQeZAuhTYuCypM8yaeRaS1Bt10qOklyYNxVd1Stn9hmzBRsNSetXwcMn1NT6veisiFpbjLE94rqW9dxZfOWuLwD08j34v06Hyie4Hlx1wm8W7QHGYdMWPIOZ-UNp3y2u10YLk0fFoJzB9oBod9nEUsenvLruEBX1-m6EU8vr04FtAZZSr4C-i6b5sm0Wya_KBaCbv63q6oflxRtalrXD1D1P3TSKBc_KciUpc1liB-XLXMQnowtRhMFgMJsgn5F2zoA8c6AAKlvvxScDrAAwOxx56XjbksTDRgIowN5NOoeFw0UYEv60JePEXq0NBok-zJ2VaLYnVjwZE1Qwgrbsk_N2Qh0aoGMA-mNHMve1T1pntxhNuRxZ9nXFfkFY7jfwmVj6bUbtdwQYp4QDresvdpF0konSwvTmr_JFo9fjOVLTCpkNoNvYLGmb-sSx12qBKJUsrFWH_Q7-mJzmwt2FmqJODZw1yvLtScaWTIOAr5_4WzeUCY65xQWFFI_gFW98CtMtW8cJvF_m49cl1DMj1R30GjWIRiEbpOwdYssqVPMFDsvBAnEI_VOJciv8GkZe4QMT75xCuO7UGcOvqc76IWQuDuiawBVjR8cIbQGt66CuvxUNQHCpUNxcdB-QUgJ3VnMG4ciX5-R1ev1kV-4nufawBunM_szTR2HgVTa_q32l14mQYurzixukcR7yyU2ye5YdVsYxFtF8BpPGVArYWDKtEWO7QK5aUA-36R_rQJSKwWe-dCS1r-ZXqcGvT_wIqVxsx4Kz5DeAflPQGM2Hvru9yeRv6UXNA_fTd-PE3mqGIROlttFFtdAasr_3TBTRgK4fsnHaXi79E4oMHm6Lerhr8Q9i59dlRYDuKRnRat5jp9PT9ae1Q1r5fCOy7EnWddFIwuP8XNZJ9PhXOkv5crWmrez7PRgN5hzFHMp5FKWU2V9LBry4QEp7GSIQ-o6Z1DgtR_34VOIs8D6Qs74Sf_tkr7h2C7gDsreobYA
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame C93E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
36045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
dc_oe=ChMI1_Pwv5Xg8wIV1RMGAB04JAB1EAAYACDCwZxMOhoI-I_4xgEQmM7C1-ADGJKJzt4DIOni6t70DkITCOq0zL-V4PMCFSqF_Qcd_isJAg;dc_rmcid=CAASEuRocxiKRlUP7PIA32SMg-uRQw;eps=CIBhEAEYXw;met=1;acvw=sv%3D20211013%26cb...
ade.googlesyndication.com/ddm/activity/ Frame AE56 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1_Pwv5Xg8wIV1RMGAB04JAB1EAAYACDCwZxMOhoI-I_4xgEQmM7C1-ADGJKJzt4DIOni6t70DkITCOq0zL-V4PMCFSqF_Qcd_isJAg;dc_rmcid=CAASEuRocxiKRlUP7PIA32SMg-uRQw;eps=CIBhEAEYXw;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30037%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D507336942%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1634979561781;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame AE56 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDxro6c5zYaqcAaqK9u8P_tekEIDyjvRl6eLq3vQO8C4QASCnh5wtYMkGoAH-7ra5AsgBBagDAcgDmwSqBJwCT9BBfvwLquYD-2Ia60FStNJZ8EN5OhFso95EReJWitS_Vl9F0UD8jE-WCMQgzyFPBsIPtey4hPJnZxr0_-KmqMOTiWLDVF0D79cW8zHNAqo5ukL9Hng2oqFaXq6rbmev2BB1B8YoA8BpeHV9YHy_rFB_1Yfh7Et0RB4XVV8nNKdROVW9mBFN9fy2cd66n38J4fUmL66Fb0bvtDiHtcui8XLW0baq0c7gjR4yrwJfL17z_eFV6AUrz1RhRuPIkSq-kix_epCdyBXxSGWa-1qtNzG588ADkkNXQ69Q6YjSEu4Ohv3_soXeE6pt1Ymw5On7nWOBrRxC1SltNVX7LdpEiGQqz76A-_KVYPKtXa7DrK5fZX4EeAUISjYHtCzABJjOwtfgA-AEA5AGAaAGToAH6pDJxgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGF-ACgGYCwHICwGADAGwE_nPgA3IE5KJzt4D2BMKiBQD2BQB0BUBgBcB&sigh=B3xBSsQnnGQ&label=part2viewed&ad_mt=7&acvw=sv%3D20211013%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30037%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D507336942%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1634979561781
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AE56 		0
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWbxcz-wjWKCNN8TpAGLu03xyAlMSpoKKg45RhklAXE4lpyrGE8bwAga0vIFpJJMSaMtSM9iAUPb5vSzMp1bo8XFAB5pydjskpZ10jxLs8xAXEkPAMbohOKpckPTbtuZgk2hPBtv5CLPQIR1Iog8j0nliW3J1qRtLOemqaSiRFlJbzFVveTnfoIe215_ZVbLiqg-u1c47aMKQ_xxL_8WTR7kBWBycw0IYHd92tT_1MT3XlR8de-Az1NtiYE98gw2PVi9_FvKmHkAaw2J2uvB2mAhtMmQDgcN-oO7dXbLMQT4RP0fo6MZfnPdcHDoo9gQKqMAA6Mba2OezoewyPMPwoTqxyVXGHJGEHVIpoivOHkJFfJFpoqDreL45Fk6OPfXb5ms8u7LYEOIMF5thFK8-O8S9heFOWHz0kpreB-tbI1iLfXJIDIr1f5yM_FlwjXqxTFDeoqHYiXhFGtMagO7CZ_1vfFtfjdWyYTpJTbFaS1dcxf0u6_lzkuff69benbmax5JeelunTPTYrYvnGx80dsqfmK7o0PT8o0dsqLyM4vTGpev1V_ePgp8G6Z89XLZdC75FMe7sbqkMO-OLmQgts9c5-yxc8Bq5jN9cwpCPZ0_wBR5Ycp2jdpI_s9mtkLcmtdrMqXnEZKGVyHv71hhOVa2Oua2sg9ZwM29vYVTEb06leskTwBvQ-4UwuveKnNd504duNsTAsCnW4GSVtwo87htHjmKZ9DDSHLvZvyemx_lB-35onBnI55orasg6izoyopJpIa6rFe8wV8DZrI3CdbEnrM_hMDSor-tjxJLRw25ibJ8k6uhe_pVnB3L1FKy4MBERsxSEN4xZ38IXJHYGGHr5gEOPA6PTuyBBLnFtNIMiMiEnbjsO4FzNgndmAS6cDN6Eoy_P-4t4zOgum5ebZxFc27VM5wkTUxREZoqdruPW3EyZI1k99_ztqW6J3-DAntVo4i3D0jMQJnx37acCHWrEmqYeLYvQ1Yo488IQHO-MAJ60aCQX6wMQoxhxBKsl97gVL6iyTk0y3zhwZ8KBLHpbfUVpdg8BD2POMwhZsWbZuEa8-c_NNgZGxL6A_AwdXSraZoB-c43Z7R5JdtzIvTAlEPKdzHbImLjfXPljY2BfNs-qksXKD1g-FdomL3e8GAciSSVck4DntR5ctm0TlzwSInYMleV2b1tXoZHkessdwrqMle4Up_dvV1DFxR21OYeZRWWgD6vc1gAWsaeLtFyQVO2KZNd55bxdFXvMA5Dzox1lOOOXqFINU7a4KRa5aRThZFmkjCGRIbfPQzIwQeQ-0wuZ_hLeSjg&sai=AMfl-YQoncMsEWaYd4UxBlM5Ob6tsntfPbWr1t6teEgTYtGVwNt8eOdK4gM1hwxJqxgOA6fO2YhUJyUH1v869kys66mnl5LOSDVckFuNM0e2SFu3R0iFaK1fsaDpmBzJVQi4JwYbeWQMM0i_MaAUfWudKbj9xfOU0dl-BF5L51k2Oc_ZB0PHbDdU4Q&sig=Cg0ArKJSzCgSvE25xuMYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 23 Oct 2021 08:59:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
/
d.agkn.com/pixel/2387/ Frame AE56 		43 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/2387/?ct=US&st=&city=0&dma=0&zp=&bw=3&che=1375940034&col=26724603,6031710,317605300,510206544,159850690
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.251.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-251-131.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 08:59:21 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AE56
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhj87Yy4ASABMAE&v=APEucNUjgqaD7EzFt0XoqOv9_MZ9KnvADp5_KeUebBvHpiHducLU5AJvDGoYL98UNERXR5vsqWvjrK1Sa5GTeee1ZUOdHYXHbw
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPO6XFY1K0vqnImasyfKgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi4JCVZ8iUlNw-YGnrPty0&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi4JCVZ8iUlNw-YGnrPty0&google_cver=1
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 08:59:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 23 Oct 2021 08:59:22 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi4JCVZ8iUlNw-YGnrPty0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE56 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI1_Pwv5Xg8wIV1RMGAB04JAB1EAAYACDCwZxMOhoI-I_4xgEQmM7C1-ADGJKJzt4DIOni6t70DkITCOq0zL-V4PMCFSqF_Qcd_isJAg;dc_rmcid=CAASEuRocxiKRlUP7PIA32SMg-uRQw;eps=CIBhEAEYXw;met=1;acvw=sv%3D20211013%26cb...
ade.googlesyndication.com/ddm/activity/ Frame AE56 		42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1_Pwv5Xg8wIV1RMGAB04JAB1EAAYACDCwZxMOhoI-I_4xgEQmM7C1-ADGJKJzt4DIOni6t70DkITCOq0zL-V4PMCFSqF_Qcd_isJAg;dc_rmcid=CAASEuRocxiKRlUP7PIA32SMg-uRQw;eps=CIBhEAEYXw;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30037%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D507336942%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1634979561781;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AE56 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7pYZaElKU2RNff-mRkZcCUNoOsgtKn7H3xTPXWBcHVIAhziEZtaPxErnFSqPx_qgXBI_UpmVYxo6xugB1yYBjE-mDsCCDCIFP6a_qtE3HgGYQszE&sai=AMfl-YQWgLpShwjVJm5qxBDsEXKEmaA2E9NeV0HaBYUMT1FBLV5s9hE7Ia5akSy58B5Gx6xihRagAsIes0HN0zTiGRexfzc_ObILxn4&sig=Cg0ArKJSzFRA_E6H7_MVEAE&cid=CAASEuRocxiKRlUP7PIA32SMg-uRQw&id=lidarv&acvw=sv%3D20211013%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30037%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D507336942%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1634979561781&avm=1
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame AE56 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDxro6c5zYaqcAaqK9u8P_tekEIDyjvRl6eLq3vQO8C4QASCnh5wtYMkGoAH-7ra5AsgBBagDAcgDmwSqBJwCT9BBfvwLquYD-2Ia60FStNJZ8EN5OhFso95EReJWitS_Vl9F0UD8jE-WCMQgzyFPBsIPtey4hPJnZxr0_-KmqMOTiWLDVF0D79cW8zHNAqo5ukL9Hng2oqFaXq6rbmev2BB1B8YoA8BpeHV9YHy_rFB_1Yfh7Et0RB4XVV8nNKdROVW9mBFN9fy2cd66n38J4fUmL66Fb0bvtDiHtcui8XLW0baq0c7gjR4yrwJfL17z_eFV6AUrz1RhRuPIkSq-kix_epCdyBXxSGWa-1qtNzG588ADkkNXQ69Q6YjSEu4Ohv3_soXeE6pt1Ymw5On7nWOBrRxC1SltNVX7LdpEiGQqz76A-_KVYPKtXa7DrK5fZX4EeAUISjYHtCzABJjOwtfgA-AEA5AGAaAGToAH6pDJxgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGF-ACgGYCwHICwGADAGwE_nPgA3IE5KJzt4D2BMKiBQD2BQB0BUBgBcB&sigh=B3xBSsQnnGQ&label=vast_creativeview&ad_mt=7&acvw=sv%3D20211013%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30037%26vmtime%3D6%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D507336942%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1634979561781
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AE56 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~kv3km7rn&c=8787502695495&slotId=4393751347747.5&qqid=COq0zL-V4PMCFSqF_Qcd_isJAg&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=979&mt=video%2Fmp4&vs=640x360&dm=30000&event_name=first_play&asset_bytes=225642&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=13&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.ur~videopreviewstarted.uu
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C93E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bv6U16c5zYZfbJdWnmLAPuMiAqAcAAAAAOAHgBAI&bg=!r6ylrOjNAAbUs_yW1LM7ACkAdvg8Wtdbfw_oGs98sqprMgBsddXRxYwrzV6b9X207JT4aYosOjeXVAIAAADQUgAAAA1oAQeZAv-5sVZQy3M-Xx4AdoTT8MCJFQSiqjjUBNcnxdkVMbf-Bh7Py5UvVzSc1p9zBySYfLjT02OB-d-6AYJsdw-cogAgaAJbSD_4Ue8AgwKz9DHSTLaIcYxIzLwi24KfAeSiaPVvZk5bahR5Jt3hoxo-8BetmT88LUVAT4zD-QcSunvn1_dxBZ6MBNtfWghJBmmDbkVEO5PfNQ5cUUZBQmkBBQyQ-BZKZSI3MaXY5y-XrGdESv-023cy4PyUG70uzcqI4lixGeVhFzerLQHjXJ4cgvQ3i3sIJUbU6uqWIPdLomGQpQa_9vPcbgZutW8E4poSGUT6vfA4OHLb7q-sc7gk69-F-I0IoGe4JGoaACoPThIOVI-H8WkKsMmFnu2MljZ8L9XG6xiIgYg0JKpPBGr3qWKy9coVvpj63exe6i588Vm2mpFUAqzg6Y3BvvJHuM8n4_GHrG3Aruh1BjlbNZqR4I2--08YCijIuMbmwzEVFyQvekIwmCN4v-hpyu6R9ELNO7LQsThXEvhZrCnt0Rhyamk8EaEx2nX7vn6OumNEkSYDsQyaofueLOx5W-MBpS3c2thCUOSPD3i9Mn5_xyyyZjffsJp0NItIT-hj8lUd_LPy5LcBcRotFAsLDlsON7xg_huNTpxEU6jbJ9rokZhj8CwaQm4OZinkoqUiGXdqVOb-DDGBwPBccEZ2PQquISRUlJVoHyvXx2lWX4WQr1bp4t_mF-VR8keoDXUzx_6ayEtitMTc0DbQFTRrd5nfFV7CqyPAiwz1mdeT9xTdv9oYU3u-Pxm1UFCLiFZvXyth1hwvEU8e2JRrR7SwWtrwMxwL4e8bv17Q5IAl6JCsq5ysoC105Ca7aPa1MHWdr144hIvtLq3_L57kJ-8Z4hrF9Llk09mbUFi3MH3qbvbk7G7VNtr3AJafdSNkOg2ZPhGVUgFZ7iFVczReKvfMZu8d1ynglCvjX_BBB545sAyVaOsyWqI_6_NWTeIYq8KLplIV-51HW-tBPIiz8cGQCJa2XsjP7g
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tinhottrongngay360do.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 08:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/ Frame 60CB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnILB-QofXVZltGiafRvJ2kO3nigU2vjhakB-CoZYslCRW16dxCWfdAsgHowNc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 22 Oct 2021 12:01:23 GMT
expires
Fri, 05 Nov 2021 12:01:23 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
75479
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
pixel
googleads.g.doubleclick.net/xbbe/ Frame DAEC 		611 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNWoBQgRGBjfWk2vMnA1PXx9MFkcPIF500lXiEkbUTlB_c-L_bVRmH1Jw_-5H2srYHmp6cP38Rep7SHCBw3DzYAh6Da0Dw
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNWoBQgRGBjfWk2vMnA1PXx9MFkcPIF500lXiEkbUTlB_c-L_bVRmH1Jw_-5H2srYHmp6cP38Rep7SHCBw3DzYAh6Da0Dw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnILB-QofXVZltGiafRvJ2kO3nigU2vjhakB-CoZYslCRW16dxCWfdAsgHowNc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 23 Oct 2021 08:59:22 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 5D23 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:56:15 GMT
5766790462732067972
s0.2mdn.net/simgad/ Frame 5D23 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5766790462732067972
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
a603a5b5b17a1845503de11ada8c0a9d5a88f88ed067774be29f8fd6d3beefdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 03:13:52 GMT
x-content-type-options
nosniff
age
107130
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37282
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 21:03:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 03:13:52 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 5D23 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:05:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2631
x-xss-protection
0
server
cafe
etag
10983085961369067521
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:05:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5D23 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssm3ThwzGOP5dQkfZuwJ5wPhjagd0Z462pCizi4edHKcFQaiwc_CVa6P33xVxTnsE3Dbcu70CmDKGdM5dkHGyvU95swg-C8IIMARXFc5C2kJ8Tq0Se7zb50m_ckW0uPuqweSQgJfd385Q-LeYeYPBpeNkuQkD-fPvCXamPJfDolPrpyjNbKlhalTbSC6moasz_rM2870eZZ5xUTmaM86clI1tzQrvuvdHHvxFsudcadSu_csy7evlkxMYz8MES-vr26jbLrwYNI02gwqcbpotMqStXx5MonfXzG4Hh5tTyV9ypop4FalW2l2-3eAbliL9SJTZCZg_QdSYq9UJEXR1PKGpIYPe8LPf9LfDSiYhNgktA2qONwiKcKRH6_N39FwpQ0oJCSQd_womne-X8MHCNv1uoHUUUDDhPHneBm4wC514nez_Ho0jPrR0lKDi3Rvo2bQyZttCw7QvdeoBpPOzSuhid7DsBZVW1_SRn7-QoJxTcZSF7rLTgTen5snkPo18Q5o4t2_DyllhtPrBxLaK99GLr5eFhhay_61RL8THsr6_MugFM3t7-57qItTpNmMz7bXkWA4_NLAm7d1TIKPKaf9cBGpldKqkFfF2PoXIATReYnEUFPnnULTNKIrSXyctWcNquvPRRb09OzXRGAsxa9F7_bfnJqrEiAlMTKWi46q8FmWBwOR31LvSOY6qqgnt12_t3H73b2pRkvjcpt3ISEpZfE66R5L4UHb9eo5e7777oxSsF1U8u3gnyuW-lZ6fuJpJuUqxHbm6bTZRomYjyfIN32GWxdlP-1WqrfVgp90xE3UX3m0KYsD9in8HNDkkDbkSq4I4eZAMGwRG5ryB3LJ9W-gu44wHqxw1FYbUMqMxjJ4LTG43HTllX5TbCGM-zRUFlB-1TrU3MG_yPAZa5vIxHEnXlvOm48Z7W5VHh2fiVy-APtQJyyPVA75n5z34yaGsOEKr-DD9_58XcVLVMIgYBNS10mjeYTc1fxMLxT9NxszfCwIG8wbn4jL0LoORJ_mLuC1bonfbX_vFlQgR7YIzbPaNpvxI3Z7flLF_tIEi5Et3iRbqOpeSyJiyzQqt4-P6fhMdzHftV8mCBlXJzpdPFH72tNjN8-Bfx7mSKgKxSjxTfZqSBw6SsFPcbvpZFGrC4kAGp7pVwk1uce5l3QNerl1Uwkbx2Vvo5iQAiM3GE_9SzpaU74VUxUDbKaFdk&sai=AMfl-YSZr4yav89l1zi2fKg6kG6jmnzfXlX4qfb9jehnqeTQWlfqaM1aluqGobECjSamSJSha9nJVeeUS1Pg_atEj-GBQEjYB6ruq4lyBne14decSwPtRggKcAtXDn2ykMD6-uZT7P0766cRYHYxfDyFyjxImRmbtxYsnVU_d9RJ6wQb8BqzMd-aD3g&sig=Cg0ArKJSzLZFnJFDb_aBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211020.36273&adurl=
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 23 Oct 2021 08:59:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5D23 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 12:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75135
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 22 Oct 2022 12:07:07 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 5D23 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:52:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D23 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 08:59:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 5D23 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:51:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D23 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DOt4aaYqNdpR4r9Pm2CfO-bgzYcWrPZ3MW2g8VUzCzDjT1dgD4LeWL_vaS50dnZ4WjAuM22oz5A4-qMrg__-1FBCzVUkuuZ1H3aqlwdcfbwZIXUeA
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D9A6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 12:07:07 GMT
expires
Sat, 22 Oct 2022 12:07:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
75135
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
setuid
ib.adnxs.com/ Frame DAEC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBGOuWoambfxF5KLGZAMJ6A&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBGOuWoambfxF5KLGZAMJ6A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNWoBQgRGBjfWk2vMnA1PXx9MFkcPIF500lXiEkbUTlB_c-L_bVRmH1Jw_-5H2srYHmp6cP38Rep7SHCBw3DzYAh6Da0Dw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 08:59:22 GMT
X-Proxy-Origin
216.131.114.199; 216.131.114.199; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5840e8a6-b1da-40fc-bf2e-840c1a350bd1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBGOuWoambfxF5KLGZAMJ6A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DAEC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTQ1ODA2NzU2MzIyNTM3NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTQ1ODA2NzU2MzIyNTM3NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNWoBQgRGBjfWk2vMnA1PXx9MFkcPIF500lXiEkbUTlB_c-L_bVRmH1Jw_-5H2srYHmp6cP38Rep7SHCBw3DzYAh6Da0Dw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 08:59:22 GMT
X-Proxy-Origin
216.131.114.199; 216.131.114.199; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
08c402c4-6871-4a9c-9b9d-7bdba34ea188
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTQ1ODA2NzU2MzIyNTM3NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DAEC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECyediNZp_td6C36Kh22Nxk&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECyediNZp_td6C36Kh22Nxk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNWoBQgRGBjfWk2vMnA1PXx9MFkcPIF500lXiEkbUTlB_c-L_bVRmH1Jw_-5H2srYHmp6cP38Rep7SHCBw3DzYAh6Da0Dw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECyediNZp_td6C36Kh22Nxk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DAEC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlkMGMwZGYtYzRhOS0yODRiLWQ4ZjEtMjM1MTczMGIzNWMx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlkMGMwZGYtYzRhOS0yODRiLWQ4ZjEtMjM1MTczMGIzNWMx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNWoBQgRGBjfWk2vMnA1PXx9MFkcPIF500lXiEkbUTlB_c-L_bVRmH1Jw_-5H2srYHmp6cP38Rep7SHCBw3DzYAh6Da0Dw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 23 Oct 2021 08:59:22 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlkMGMwZGYtYzRhOS0yODRiLWQ4ZjEtMjM1MTczMGIzNWMx
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
view
googleads4.g.doubleclick.net/pcs/ Frame 5D23 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssm3ThwzGOP5dQkfZuwJ5wPhjagd0Z462pCizi4edHKcFQaiwc_CVa6P33xVxTnsE3Dbcu70CmDKGdM5dkHGyvU95swg-C8IIMARXFc5C2kJ8Tq0Se7zb50m_ckW0uPuqweSQgJfd385Q-LeYeYPBpeNkuQkD-fPvCXamPJfDolPrpyjNbKlhalTbSC6moasz_rM2870eZZ5xUTmaM86clI1tzQrvuvdHHvxFsudcadSu_csy7evlkxMYz8MES-vr26jbLrwYNI02gwqcbpotMqStXx5MonfXzG4Hh5tTyV9ypop4FalW2l2-3eAbliL9SJTZCZg_QdSYq9UJEXR1PKGpIYPe8LPf9LfDSiYhNgktA2qONwiKcKRH6_N39FwpQ0oJCSQd_womne-X8MHCNv1uoHUUUDDhPHneBm4wC514nez_Ho0jPrR0lKDi3Rvo2bQyZttCw7QvdeoBpPOzSuhid7DsBZVW1_SRn7-QoJxTcZSF7rLTgTen5snkPo18Q5o4t2_DyllhtPrBxLaK99GLr5eFhhay_61RL8THsr6_MugFM3t7-57qItTpNmMz7bXkWA4_NLAm7d1TIKPKaf9cBGpldKqkFfF2PoXIATReYnEUFPnnULTNKIrSXyctWcNquvPRRb09OzXRGAsxa9F7_bfnJqrEiAlMTKWi46q8FmWBwOR31LvSOY6qqgnt12_t3H73b2pRkvjcpt3ISEpZfE66R5L4UHb9eo5e7777oxSsF1U8u3gnyuW-lZ6fuJpJuUqxHbm6bTZRomYjyfIN32GWxdlP-1WqrfVgp90xE3UX3m0KYsD9in8HNDkkDbkSq4I4eZAMGwRG5ryB3LJ9W-gu44wHqxw1FYbUMqMxjJ4LTG43HTllX5TbCGM-zRUFlB-1TrU3MG_yPAZa5vIxHEnXlvOm48Z7W5VHh2fiVy-APtQJyyPVA75n5z34yaGsOEKr-DD9_58XcVLVMIgYBNS10mjeYTc1fxMLxT9NxszfCwIG8wbn4jL0LoORJ_mLuC1bonfbX_vFlQgR7YIzbPaNpvxI3Z7flLF_tIEi5Et3iRbqOpeSyJiyzQqt4-P6fhMdzHftV8mCBlXJzpdPFH72tNjN8-Bfx7mSKgKxSjxTfZqSBw6SsFPcbvpZFGrC4kAGp7pVwk1uce5l3QNerl1Uwkbx2Vvo5iQAiM3GE_9SzpaU74VUxUDbKaFdk&sai=AMfl-YSZr4yav89l1zi2fKg6kG6jmnzfXlX4qfb9jehnqeTQWlfqaM1aluqGobECjSamSJSha9nJVeeUS1Pg_atEj-GBQEjYB6ruq4lyBne14decSwPtRggKcAtXDn2ykMD6-uZT7P0766cRYHYxfDyFyjxImRmbtxYsnVU_d9RJ6wQb8BqzMd-aD3g&sig=Cg0ArKJSzLZFnJFDb_aBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=84&vt=11&dtpt=83&dett=2&cstd=0&cisv=r20211020.36273&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 08:59:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 5D23 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fac3c6565e9778e7b927e3a918857f62be43e2a8dd24354bf9df2fffc56269e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame D9A6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
36046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
csi
csi.gstatic.com/ Frame BD71 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kv3km7ec&c=5614056942567&slotId=2807028471283.5&qqid=CLu2zL-V4PMCFaHRuwgdX0kF2g&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=995&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=17&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D9A6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4Cfq585zYaWnJ4mU9u8P0tCYyAwAAAAAOAHgBAI&bg=!DQ6lDkrNAAbUs_yW1LM7ACkAdvg8WigKbjsCMaAuN3yqLIKqPMXyiNVwz4cp260hAC_nTykSCLgrjgIAAAC7UgAAAA9oAQeZAyltsl8bz8na54DWU8qUmlYSoESZ68j9UjGOUKCCoZS_XUIwTa1bm7q_lWYi9aXo09J9X85CZSJjKnpTeFPxG8hZt52A-WGuMd3abkz4DxrL9F3L524CZUcbHGsOTJgQxLPmIwViLG7eUj7ejvDUOZXK9HgtVPrpvbfR0ha8ELOpE7MiwVJHS0fSt1RuHO3ioKfqIUa3qpKglOCwoUoOPRbzkNFrjqHPICmkhydMTuF2W3oumeQUdGVZA6yow9XrwlR8uygf3Q1PHeHI4Qzz7uZi2ziVENNtPWv3DBkqDH6mGeXMvOykmVxiYWoKT1WUMrjXPOQi_sNx-SNRcNgxSUWAEyOLWM3XLEcA8SdQgCIi_qiFI20Mo_QJTKabfoZs6igKzoUjNuNaFBg60hG89VXX1pUWC12z2-yeV0fYpewiGHrEmtZLg1_OmF5KVrb50EtHe9h3qLiOPBRjiTgJrc9a8xA-VSij0t247UJQA3NejbBkJ4MqeQKVqlg1qySrZdYKk1lDU5ihsLhE6t2Pz5B-3RIPL6vBtFhmVP6HK-zxnfmSuiH10Keq9aY2YDOgfHhIkhadkz8Xne1kb6WOF_gcbDq1dS7W01a_I-prxUsnaVGyrihaXMQ9tFJFPNEpQbrDGPU6nHgTcLbqK_HIbLqVrGNl5cL6vEkfAjCbziH8KRSKjnfQng-msY640rkR0jw3IoSLifsipZwCdQJxDS3pnp8rEj4OM8Ksj2ie5wsY7yLNT_ckiX5nqJqMuxiqGZ5WBs69B6Dagin-pTv1oCAceCHkyH4NX48OdlI8Hr6Z9LxvmGfFncDKR1bh0V8oNZR93MXEssWceL_hbZ-Fn7Z1XPMb0GiBl-YlR8PfpHJndDFKlTLlYMYHOBMJ-MOaIg3vwXm95a5q1xEj90T4Tejow3_RN9P8sxmQKhoc1JJJjjnnVgfp9LzCFgys47y0-BEZyTKwYE7fRIitIieFPK29Qm7y-GKqfUpK7COQC9gQnvWtRGLiq1yl-Ob5OVfW9ha7Vg9p3SxSw-XbYsfsZVx9fRIVpxXKK97s5NRZsBuUYonI4ByOEz2YxA
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tinhottrongngay360do.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A9BA 		16 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
03109eb6077671a8b9bab375b55c32ed228b8c4588b68c29f5b87449753bd7ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnILB-QofXVZltGiafRvJ2kO3nigU2vjhakB-CoZYslCRW16dxCWfdAsgHowNc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 23 Oct 2021 08:59:23 GMT
server
cafe
content-length
9410
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
fw-widget.js
feed.mikle.com/js/ Frame 9545 		757 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/js/fw-widget.js?v=1.1
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.100.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-100-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
acaea78a93cff7633c89cc3aea32d384a83b497969c68915d0c1985660802a5c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
last-modified
Fri, 30 Apr 2021 06:50:48 GMT
server
nginx
etag
W/"608ba8c8-2f5"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
x-xss-protection
0
expires
Thu, 31 Dec 2037 23:55:55 GMT
page.php
www.facebook.com/plugins/ Frame 351F 		14 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Ftintuc24hvietnam%2F&tabs&width=260&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1079009318866902
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
/
Resource Hash
c4fec02f098cb0e0b39775b78224bd1ca691b2c296ab1b2a6103c7ddb6d440ab
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Ftintuc24hvietnam%2F&tabs&width=260&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1079009318866902
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
QVqEQ2mpmTQQHt8l82KeyexKrodyunPuXyjGXG3U+br3zUPyjOhYv272x9wMqjvtFmekOpsPrvPUsC6pGpsKPQ==
date
Sat, 23 Oct 2021 08:59:23 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Cookie set x5smq48
www.dailymotion.com/embed/video/ Frame A74B 		37 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/embed/video/x5smq48
Requested by
Host: ff8c9329-a-62cb3a1a-s-sites.googlegroups.com
URL: https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/videogiaitri4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
0772c774e00b6759e0087136bf28fddef535803f3c7c45112224d1a0529f499d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Host
www.dailymotion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tinhottrongngay360do.blogspot.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
17186
Content-Security-Policy
upgrade-insecure-requests
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Oct 2021 08:59:23 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Link
<https://static1.dmcdn.net>; rel=preconnect
Nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
Referrer-Policy
no-referrer-when-downgrade
Report-To
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
Server
DMS/1.0.42
Server-Timing
total;dur=133, dc;desc="dc3"
Set-Cookie
ts=437463; expires=Wed, 23-Nov-2022 09:59:23 GMT; Max-Age=34218000; path=/; domain=.dailymotion.com; Secure; SameSite=none; dmvk=6173ceeb1500b; path=/; domain=.dailymotion.com; Secure; SameSite=none; v1st=59700C89EB2FE489791D8A80CE32CE45; expires=Tue, 22 Nov 2022 08:59:22 GMT; max-age=34128000; path=/; Secure; SameSite=None; domain=.dailymotion.com
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin
*
Vary
X-DM-SSL,Accept-Encoding
Cookie set x5tc271
www.dailymotion.com/embed/video/ Frame B3DA 		37 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/embed/video/x5tc271
Requested by
Host: ff8c9329-a-62cb3a1a-s-sites.googlegroups.com
URL: https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/videogiaitri4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
77a410b0450e5601de9d6e7d21e38a93a9f8708a80dc985a1bac243f489ab62f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Host
www.dailymotion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tinhottrongngay360do.blogspot.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
16940
Content-Security-Policy
upgrade-insecure-requests
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Oct 2021 08:59:23 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Link
<https://static1.dmcdn.net>; rel=preconnect
Nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
Referrer-Policy
no-referrer-when-downgrade
Report-To
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
Server
DMS/1.0.42
Server-Timing
total;dur=143, dc;desc="dc3"
Set-Cookie
ts=673568; expires=Wed, 23-Nov-2022 09:59:23 GMT; Max-Age=34218000; path=/; domain=.dailymotion.com; Secure; SameSite=none; dmvk=6173ceeb1647f; path=/; domain=.dailymotion.com; Secure; SameSite=none; v1st=6C560E091E3108AA2F4ABC3B80D5A5A9; expires=Tue, 22 Nov 2022 08:59:22 GMT; max-age=34128000; path=/; Secure; SameSite=None; domain=.dailymotion.com
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin
*
Vary
X-DM-SSL,Accept-Encoding
Cookie set x5tc2ay
www.dailymotion.com/embed/video/ Frame B334 		37 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/embed/video/x5tc2ay
Requested by
Host: ff8c9329-a-62cb3a1a-s-sites.googlegroups.com
URL: https://ff8c9329-a-62cb3a1a-s-sites.googlegroups.com/site/tcteducom/videogiaitri4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
8edc35ef2802225a50853e9ea4187ee028f6c2697a249705a10b870b19f8f6bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Host
www.dailymotion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tinhottrongngay360do.blogspot.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
16844
Content-Security-Policy
upgrade-insecure-requests
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Oct 2021 08:59:23 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Link
<https://static1.dmcdn.net>; rel=preconnect
Nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
Referrer-Policy
no-referrer-when-downgrade
Report-To
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
Server
DMS/1.0.42
Server-Timing
total;dur=174, dc;desc="dc3"
Set-Cookie
ts=324810; expires=Wed, 23-Nov-2022 09:59:23 GMT; Max-Age=34218000; path=/; domain=.dailymotion.com; Secure; SameSite=none; dmvk=6173ceeb16e68; path=/; domain=.dailymotion.com; Secure; SameSite=none; v1st=ED0A975209C27EC9AA73BAD1AC131362; expires=Tue, 22 Nov 2022 08:59:22 GMT; max-age=34128000; path=/; Secure; SameSite=None; domain=.dailymotion.com
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin
*
Vary
X-DM-SSL,Accept-Encoding
ads
googleads.g.doubleclick.net/pagead/ Frame 86E7 		16 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
bf2ffe92704be1730609b331dcf2f7a39fc5bb13e24844b64acc6bf0b3698a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnILB-QofXVZltGiafRvJ2kO3nigU2vjhakB-CoZYslCRW16dxCWfdAsgHowNc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 23 Oct 2021 08:59:23 GMT
server
cafe
content-length
9303
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
267590
ad.a-ads.com/ Frame 6D18 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/267590?size=200x200
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.35.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.35.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
1d959d4f91b4f867754ca942fdaf51978c488ff57a796a798e28a7a745093fff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tinhottrongngay360do.blogspot.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Sat, 23 Oct 2021 08:59:23 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tinhottrongngay360do.blogspot.com/
Content-Encoding
gzip
1489553984_72533_250x600.jpg
media.tctshop.com/banner/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tctshop.com/banner/1489553984_72533_250x600.jpg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.137.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ec07b8074a5c61e02dff7e958163f4dc56a9e96ba91a1959775cbbbb6b58130

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30711
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
108100
last-modified
Sun, 26 Aug 2018 10:34:45 GMT
server
cloudflare
etag
"1a644-5b828245-7601a5ff57fee675;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0kmPBUcm4zNshe1nOIBkUg9sENLMLeXmICPZZ%2Bib2I34ZvcAXiM5k2EDCddiawyqUzHhcvW3R69bnERjnwwPHV64PIEmT1BY165A4wvvINBj0%2BnfdKtEo9qFMdP%2FTRAUwQEug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6a29c4dd88ed5c74-FRA
expires
Sat, 30 Oct 2021 00:27:32 GMT
725691
ad.a-ads.com/ Frame B063 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/725691?size=160x600&background_color=ffc700
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.35.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.35.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
46b9b836ca8efd7d05d092c5631161095d80e5181b258ddca846796a56a990c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tinhottrongngay360do.blogspot.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Sat, 23 Oct 2021 08:59:23 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tinhottrongngay360do.blogspot.com/
Content-Encoding
gzip
bnr_xload.php
ylx-1.com/ Frame 9AA7 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ylx-1.com/bnr_xload.php?section=General&pub=238923&format=300x250&ga=g&xt=163497955911832&xtt=5415839
Requested by
Host: ylx-1.com
URL: https://ylx-1.com/bnr.php?section=General&pub=238923&format=300x250&ga=g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.221.skhosting.eu
Software
nginx /
Resource Hash
5a3a226e6f8fb8e086b933306f2b1b39440c2b83c97af9ae20b3b8fe807305ef

Request headers

:method
GET
:authority
ylx-1.com
:scheme
https
:path
/bnr_xload.php?section=General&pub=238923&format=300x250&ga=g&xt=163497955911832&xtt=5415839
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

server
nginx
date
Sat, 23 Oct 2021 08:59:23 GMT
content-type
text/html; charset=UTF-8
expires
Sat, 23 Oct 2021 08:59:23 GMT
last-modified
Sat, 23 Oct 2021 08:59:23 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
set-cookie
used_ad2558629=1; expires=Sun, 24-Oct-2021 04:00:00 GMT; Max-Age=68437; path=/; domain=ylx-1.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Sun, 24-Oct-2021 04:00:00 GMT; Max-Age=68437; path=/; domain=ylx-1.com; secure; HttpOnly; SameSite=None cpa_673873=300x250_762886271_0; expires=Mon, 22-Nov-2021 08:59:23 GMT; Max-Age=2592000; path=/; domain=ylx-1.com; secure; SameSite=None
1523556
ad.a-ads.com/ Frame 6E99 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1523556?size=240x400
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.35.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.35.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
fbfa94165c6b0ab6af7f8e1328b017398ac55dc6e49b07a235e0b387f48bf798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tinhottrongngay360do.blogspot.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Sat, 23 Oct 2021 08:59:23 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tinhottrongngay360do.blogspot.com/
Content-Encoding
gzip
tinhottrongngay360do.blogspot.com.824436.es6.js
jsc.mgid.com/t/i/ 		233 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.824436.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.824436.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8069a8a23630d1c8dcf3f2880d67d75d7e9bba0d1f498ec7fffa56fa84374ae7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BPZRMG8WFCNE9NA5
last-modified
Wed, 08 Sep 2021 12:47:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
XGpK14n5G8YedSInNXlB3hAYet4DSTaMlHl+x1WmmakhX7ZlX//EWeImkr8vfgvGsV3uw7qkgpM=
cf-bgj
minify
server
cloudflare
etag
W/"a35d87a8f55e32d76888ea918b6e31b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6a29c4dd7f964120-PRG
expires
Sat, 23 Oct 2021 11:59:23 GMT
725678
ad.a-ads.com/ Frame B0B9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/725678?size=728x90
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.35.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.35.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
fc9edf2321b2b2b1931c3ff5569b71a6a661530f166fef3eb0ad7718870d16ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tinhottrongngay360do.blogspot.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Sat, 23 Oct 2021 08:59:23 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tinhottrongngay360do.blogspot.com/
Content-Encoding
gzip
/
tinhottrongngay360do.blogspot.com/ 		2 KB
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tinhottrongngay360do.blogspot.com/?action=getFeed&widgetId=Feed1&widgetType=Feed&responseType=js&xssi_token=AOuZoY5wjQGzlSej3ZKpW2R-Hqx7-WnQDw%3A1634979558702
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2918676466-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
GSE /
Resource Hash
1682b7d512dacbecb1815f4caa19f591d0dcdc759022794d2f0e2429df34484d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/?action=getFeed&widgetId=Feed1&widgetType=Feed&responseType=js&xssi_token=AOuZoY5wjQGzlSej3ZKpW2R-Hqx7-WnQDw%3A1634979558702
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
tinhottrongngay360do.blogspot.com
referer
https://tinhottrongngay360do.blogspot.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Oct 2021 08:36:45 GMT
server
GSE
etag
"a5d367c4-d81b-4d56-b12c-4496e7e6bf90"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
739
x-xss-protection
1; mode=block
expires
Sat, 23 Oct 2021 08:59:23 GMT
/
tinhottrongngay360do.blogspot.com/ 		2 KB
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tinhottrongngay360do.blogspot.com/?action=getFeed&widgetId=Feed2&widgetType=Feed&responseType=js&xssi_token=AOuZoY5wjQGzlSej3ZKpW2R-Hqx7-WnQDw%3A1634979558702
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2918676466-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
GSE /
Resource Hash
540649854b5733a58df6cadf70c523c6d5a64f5358ded5e42ec28fbabf9a600d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/?action=getFeed&widgetId=Feed2&widgetType=Feed&responseType=js&xssi_token=AOuZoY5wjQGzlSej3ZKpW2R-Hqx7-WnQDw%3A1634979558702
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
tinhottrongngay360do.blogspot.com
referer
https://tinhottrongngay360do.blogspot.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Oct 2021 08:36:45 GMT
server
GSE
etag
"a5d367c4-d81b-4d56-b12c-4496e7e6bf90"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
749
x-xss-protection
1; mode=block
expires
Sat, 23 Oct 2021 08:59:23 GMT
tinhottrongngay360do.blogspot.com.866434.es6.js
jsc.mgid.com/t/i/ 		233 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec2e67c89a14e9bb5a9803cbc613359701431b068b4894006ffb7c9ba6111329

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BPZSRJJ6WP9RPBRC
last-modified
Wed, 08 Sep 2021 12:47:41 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
cATnS+F7M71FGHF5LMKXtsRg2ygJF3IEcm55KTV9hjXT81OeR5q6eTaJWVFg/Jee7a2Htd6wfks=
cf-bgj
minify
server
cloudflare
etag
W/"3b5a42c99d8e4500c2822666cb0a2cce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6a29c4ddf8164120-PRG
expires
Sat, 23 Oct 2021 11:59:23 GMT
/
feed.mikle.com/widget/v2/3740/ Frame 9545 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/widget/v2/3740/?id=fw-iframe943093140null
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/js/fw-widget.js?v=1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.100.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-100-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
87a5ff9908f6b9031624d7825e20a4eb74946f739947cda8bd3f3262639ec13b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
feed.mikle.com
:scheme
https
:path
/widget/v2/3740/?id=fw-iframe943093140null
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-type
text/html;charset=UTF-8
server
nginx
expires
Sat, 23 Oct 2021 09:02:23 GMT
cache-control
max-age=180
x-xss-protection
0
content-encoding
gzip
truncated
/ Frame 6D18 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
160x600
static.a-ads.com/a-ads-banners/117616/ Frame B063 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117616/160x600?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/725691?size=160x600&background_color=ffc700
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.35.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.35.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
20f3a387fbcb1f55acf43b88e0628d8caae1cce02fd5c09bbf573de755fd8ce6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:23 GMT
Last-Modified
Sun, 19 Apr 2020 16:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
N57EYVTN569XN5M4
ETag
"c848631aa56eb03b8cf56723624828e8"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
70430
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
Vly2RmS64q4VblC2nRqz_g1rs.jq2Fic
x-amz-id-2
tphlifjwy2gyJp1srkttVR4HXi2sZQnfuIIzI+a/TlC2Uw2wyIpbl2ZcuTLt/CcjZLoJP4BixAg=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame B063 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6E99 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
dmp.jq_flight.3033f0d7176196134921.js
static1.dmcdn.net/playerv5/ Frame A74B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.jq_flight.3033f0d7176196134921.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202351
server-timing
total;dur=0, dc;desc="dc3"
content-length
14940
last-modified
Wed, 20 Oct 2021 12:54:13 GMT
server
DMS/1.0.42
etag
"61701175-a5dc"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
b9b50d34716cfee498600751fdd10644
expires
Sat, 20 Nov 2021 00:46:52 GMT
dmp.manifest.76e702bfac604262b78c.js
static1.dmcdn.net/playerv5/ Frame A74B 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
4414eabdadcdac7781a0e5e45e2b2e236b5609f82e1a0f535d206025c2bb17a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
159617
server-timing
total;dur=0, dc;desc="dc3"
content-length
2124
last-modified
Thu, 21 Oct 2021 12:36:16 GMT
server
DMS/1.0.42
etag
"61715ec0-1170"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
988e83b742a2e35505d5915a727e8bae
expires
Sat, 20 Nov 2021 12:39:06 GMT
dmp.vendor.f3aa841d61face627810.js
static1.dmcdn.net/playerv5/ Frame A74B 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendor.f3aa841d61face627810.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
8190f1ddef5f0da354396519cbc58089189318425144391abf7986eb6af60cdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202350
server-timing
total;dur=0, dc;desc="dc3"
content-length
103082
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-53754"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
082b5de4434c474f71c0b8afb6f2e4f5
expires
Sat, 20 Nov 2021 00:46:53 GMT
dmp.main.a789e2282bad6603dcac.js
static1.dmcdn.net/playerv5/ Frame A74B 		221 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.main.a789e2282bad6603dcac.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
7174a914a8c5973b0254e322575524d67a8b534d3c493333b5f9b07de6dbe5a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202350
server-timing
total;dur=0, dc;desc="dc3"
content-length
52167
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-372e3"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
650839741f551b7d5790b05298e87639
expires
Sat, 20 Nov 2021 00:46:53 GMT
dmp.svg_critical.2202bba64ea46ecc7424.js
static1.dmcdn.net/playerv5/ Frame A74B 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.svg_critical.2202bba64ea46ecc7424.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e578fda3845b781d5c0045ae9c5dc94257e613d1c93d5155720c10453e44e91a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202343
server-timing
total;dur=0, dc;desc="dc3"
content-length
2586
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-2da4"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
edf89758bbc1f222060a14bd744da6ac
expires
Sat, 20 Nov 2021 00:47:00 GMT
dmp.start_screen~theme_neon.a48c09ace3d635ba6e1d.js
static1.dmcdn.net/playerv5/ Frame A74B 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.start_screen~theme_neon.a48c09ace3d635ba6e1d.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
08b7bbed1ecbefff14209dc5e38087409a4f91d055014ce797b9cbe538c3aad1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202343
server-timing
total;dur=0, dc;desc="dc3"
content-length
9633
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-8107"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
8234bf3fcb898f530dfda93e8963d674
expires
Sat, 20 Nov 2021 00:47:00 GMT
dmp.jq_flight.3033f0d7176196134921.js
static1.dmcdn.net/playerv5/ Frame B3DA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.jq_flight.3033f0d7176196134921.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202351
server-timing
total;dur=0, dc;desc="dc3"
content-length
14940
last-modified
Wed, 20 Oct 2021 12:54:13 GMT
server
DMS/1.0.42
etag
"61701175-a5dc"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
9233c81887167f419cacb9b486789437
expires
Sat, 20 Nov 2021 00:46:52 GMT
dmp.manifest.76e702bfac604262b78c.js
static1.dmcdn.net/playerv5/ Frame B3DA 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
4414eabdadcdac7781a0e5e45e2b2e236b5609f82e1a0f535d206025c2bb17a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
159617
server-timing
total;dur=0, dc;desc="dc3"
content-length
2124
last-modified
Thu, 21 Oct 2021 12:36:16 GMT
server
DMS/1.0.42
etag
"61715ec0-1170"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
afd7e43ddef131d168e9f5674057829b
expires
Sat, 20 Nov 2021 12:39:06 GMT
dmp.vendor.f3aa841d61face627810.js
static1.dmcdn.net/playerv5/ Frame B3DA 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendor.f3aa841d61face627810.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
8190f1ddef5f0da354396519cbc58089189318425144391abf7986eb6af60cdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202350
server-timing
total;dur=0, dc;desc="dc3"
content-length
103082
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-53754"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
f1fca558b67a558afc7fc662bfd0073b
expires
Sat, 20 Nov 2021 00:46:53 GMT
dmp.main.a789e2282bad6603dcac.js
static1.dmcdn.net/playerv5/ Frame B3DA 		221 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.main.a789e2282bad6603dcac.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
7174a914a8c5973b0254e322575524d67a8b534d3c493333b5f9b07de6dbe5a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202350
server-timing
total;dur=0, dc;desc="dc3"
content-length
52167
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-372e3"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
4fd0fd36a8d5d8586ab6ac921ca6839d
expires
Sat, 20 Nov 2021 00:46:53 GMT
dmp.svg_critical.2202bba64ea46ecc7424.js
static1.dmcdn.net/playerv5/ Frame B3DA 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.svg_critical.2202bba64ea46ecc7424.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e578fda3845b781d5c0045ae9c5dc94257e613d1c93d5155720c10453e44e91a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202343
server-timing
total;dur=0, dc;desc="dc3"
content-length
2586
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-2da4"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
006f74f27fea05e9a73be167226cbf1c
expires
Sat, 20 Nov 2021 00:47:00 GMT
dmp.start_screen~theme_neon.a48c09ace3d635ba6e1d.js
static1.dmcdn.net/playerv5/ Frame B3DA 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.start_screen~theme_neon.a48c09ace3d635ba6e1d.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
08b7bbed1ecbefff14209dc5e38087409a4f91d055014ce797b9cbe538c3aad1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202343
server-timing
total;dur=0, dc;desc="dc3"
content-length
9633
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-8107"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
dc2a8e2742f8bc1aecc6d16fcd0da266
expires
Sat, 20 Nov 2021 00:47:00 GMT
728x90
static.a-ads.com/a-ads-banners/104028/ Frame B0B9 		674 KB
675 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/104028/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/725678?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.35.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.35.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
951036f01a969b7b181d7952ee802c9ab4989a447b171dabf959934e9814118a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:23 GMT
Last-Modified
Sun, 29 Dec 2019 17:09:03 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
FTMBW80260S2SQFN
ETag
"74ffa6390dd104c5c534c4f2f266f4d3"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
690629
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
3TC98TKnrka7oOabxFNTsHEKH4LZcc9h
x-amz-id-2
0lebAK91hRAgUhaXc1nVpyqAbQ5HmczHbnmMQrdqimAGRm/GSRqUPfDVEHL/a+OyI9IOzygmEpE=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
NOtISdHQun1.css
www.facebook.com/rsrc.php/v3/y6/l/0,cross/ Frame 351F 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y6/l/0,cross/NOtISdHQun1.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Ftintuc24hvietnam%2F&tabs&width=260&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1079009318866902
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
/
Resource Hash
14ccf85b4dca79489d653e2520093a2018d7c73e5af62715580dfea053c32a44
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Ftintuc24hvietnam%2F&tabs&width=260&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1079009318866902
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 16:04:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
IXaD4afYO3CKOQBFaCFp8g==
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data: *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;frame-src *.facebook.com *.fbsbx.com data: *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;worker-src blob: *.facebook.com data: *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;report-uri https://www.facebook.com/csp/reporting/?m=t&minimize=0;
cross-origin-resource-policy
cross-origin
content-length
4732
x-fb-rlafr
0
x-fb-debug
f/BNGZVbXfa84fT3w/3oM0a10DY3Xw/TfkU9PcJcpSybEsmNaelcZhFQXXrE/ojyOJFGWWQ46uZiyp8oyyM9jg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 22 Oct 2022 16:04:43 GMT
truncated
/ Frame B0B9 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
dmp.jq_flight.3033f0d7176196134921.js
static1.dmcdn.net/playerv5/ Frame B334 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.jq_flight.3033f0d7176196134921.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202351
server-timing
total;dur=0, dc;desc="dc3"
content-length
14940
last-modified
Wed, 20 Oct 2021 12:54:13 GMT
server
DMS/1.0.42
etag
"61701175-a5dc"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
702a321f13d2cc7abca404bfa7df23b5
expires
Sat, 20 Nov 2021 00:46:52 GMT
dmp.manifest.76e702bfac604262b78c.js
static1.dmcdn.net/playerv5/ Frame B334 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
4414eabdadcdac7781a0e5e45e2b2e236b5609f82e1a0f535d206025c2bb17a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
159617
server-timing
total;dur=0, dc;desc="dc3"
content-length
2124
last-modified
Thu, 21 Oct 2021 12:36:16 GMT
server
DMS/1.0.42
etag
"61715ec0-1170"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
783f95d5f5a5ec9186d47359c65226a2
expires
Sat, 20 Nov 2021 12:39:06 GMT
dmp.vendor.f3aa841d61face627810.js
static1.dmcdn.net/playerv5/ Frame B334 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendor.f3aa841d61face627810.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
8190f1ddef5f0da354396519cbc58089189318425144391abf7986eb6af60cdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202350
server-timing
total;dur=0, dc;desc="dc3"
content-length
103082
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-53754"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
e4a543e0e7d5e34ce8b143877a23db0f
expires
Sat, 20 Nov 2021 00:46:53 GMT
dmp.main.a789e2282bad6603dcac.js
static1.dmcdn.net/playerv5/ Frame B334 		221 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.main.a789e2282bad6603dcac.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
7174a914a8c5973b0254e322575524d67a8b534d3c493333b5f9b07de6dbe5a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202350
server-timing
total;dur=0, dc;desc="dc3"
content-length
52167
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-372e3"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
49ab5a460b40782d1e28e3f3a8804a35
expires
Sat, 20 Nov 2021 00:46:53 GMT
dmp.svg_critical.2202bba64ea46ecc7424.js
static1.dmcdn.net/playerv5/ Frame B334 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.svg_critical.2202bba64ea46ecc7424.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e578fda3845b781d5c0045ae9c5dc94257e613d1c93d5155720c10453e44e91a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202343
server-timing
total;dur=0, dc;desc="dc3"
content-length
2586
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-2da4"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
c5b9b45a9251d3a052d1bb698e4b3b71
expires
Sat, 20 Nov 2021 00:47:00 GMT
dmp.start_screen~theme_neon.a48c09ace3d635ba6e1d.js
static1.dmcdn.net/playerv5/ Frame B334 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.start_screen~theme_neon.a48c09ace3d635ba6e1d.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
08b7bbed1ecbefff14209dc5e38087409a4f91d055014ce797b9cbe538c3aad1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202343
server-timing
total;dur=0, dc;desc="dc3"
content-length
9633
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-8107"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
adf8c7eeb2b60dd4bf93c5fc5fc5bde3
expires
Sat, 20 Nov 2021 00:47:00 GMT
dmp.locale-en-US.89c08fbc7e17a76680a7.json
static1.dmcdn.net/playerv5/ Frame A74B 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.locale-en-US.89c08fbc7e17a76680a7.json
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
d71d986a726a9a3b37c6a5e049fee9692442911b24fcbc115a55608634a3ebf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
442789
server-timing
total;dur=1, dc;desc="dc3"
content-length
1077
last-modified
Thu, 14 Oct 2021 12:40:38 GMT
server
DMS/1.0.42
etag
"61682546-fbd"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
0991451983b4ea5d3c62426c280b8517
expires
Wed, 17 Nov 2021 05:59:34 GMT
/
pebed.dm-event.net/ Frame A74B 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/embed/video/x5smq48
Accept-Language
de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 08:59:23 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
dmp.theme_neon.635a8fdd97feae2ba007.js
static1.dmcdn.net/playerv5/ Frame A74B 		540 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
fe6581b7f15c23588ee28084325dbd0907fcdbf190eea8754d14421331c74326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
159617
server-timing
total;dur=0, dc;desc="dc3"
content-length
151650
last-modified
Thu, 21 Oct 2021 12:36:16 GMT
server
DMS/1.0.42
etag
"61715ec0-86e57"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
c9075d9397ec4506268034f30c5daf27
expires
Sat, 20 Nov 2021 12:39:06 GMT
dmp.vendors~theme_neon.c23567438ebdb116bd6e.js
static1.dmcdn.net/playerv5/ Frame A74B 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendors~theme_neon.c23567438ebdb116bd6e.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
5fe87cc9758f35025c5d07f58f39d89670c2e691b8f87774db4641c3b449b8a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202343
server-timing
total;dur=0, dc;desc="dc3"
content-length
15621
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-eacd"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
fdba35b344e3a3547367cb4745e75f5b
expires
Sat, 20 Nov 2021 00:47:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A74B 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 23 Oct 2021 08:59:23 GMT
/
pebed.dm-event.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Origin
https://www.dailymotion.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Server
edward-ed/2.2.1
Date
Sat, 23 Oct 2021 08:59:23 GMT
Content-Length
0
dmp.locale-en-US.89c08fbc7e17a76680a7.json
static1.dmcdn.net/playerv5/ Frame B3DA 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.locale-en-US.89c08fbc7e17a76680a7.json
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
d71d986a726a9a3b37c6a5e049fee9692442911b24fcbc115a55608634a3ebf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
442789
server-timing
total;dur=1, dc;desc="dc3"
content-length
1077
last-modified
Thu, 14 Oct 2021 12:40:38 GMT
server
DMS/1.0.42
etag
"61682546-fbd"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
f20c5dc672c1688566535f585f5545c4
expires
Wed, 17 Nov 2021 05:59:34 GMT
/
pebed.dm-event.net/ Frame B3DA 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/embed/video/x5tc271
Accept-Language
de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 08:59:23 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
dmp.theme_neon.635a8fdd97feae2ba007.js
static1.dmcdn.net/playerv5/ Frame B3DA 		540 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
fe6581b7f15c23588ee28084325dbd0907fcdbf190eea8754d14421331c74326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
159617
server-timing
total;dur=0, dc;desc="dc3"
content-length
151650
last-modified
Thu, 21 Oct 2021 12:36:16 GMT
server
DMS/1.0.42
etag
"61715ec0-86e57"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
d3a64f94866c652f6e226c08947cf6ff
expires
Sat, 20 Nov 2021 12:39:06 GMT
dmp.vendors~theme_neon.c23567438ebdb116bd6e.js
static1.dmcdn.net/playerv5/ Frame B3DA 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendors~theme_neon.c23567438ebdb116bd6e.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
5fe87cc9758f35025c5d07f58f39d89670c2e691b8f87774db4641c3b449b8a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202343
server-timing
total;dur=0, dc;desc="dc3"
content-length
15621
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-eacd"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
ee76d35c4d3c1f6c6d268ff601a61336
expires
Sat, 20 Nov 2021 00:47:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B3DA 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 23 Oct 2021 08:59:23 GMT
/
pebed.dm-event.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Origin
https://www.dailymotion.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Server
edward-ed/2.2.1
Date
Sat, 23 Oct 2021 08:59:23 GMT
Content-Length
0
dmp.locale-en-US.89c08fbc7e17a76680a7.json
static1.dmcdn.net/playerv5/ Frame B334 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.locale-en-US.89c08fbc7e17a76680a7.json
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
d71d986a726a9a3b37c6a5e049fee9692442911b24fcbc115a55608634a3ebf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
442789
server-timing
total;dur=1, dc;desc="dc3"
content-length
1077
last-modified
Thu, 14 Oct 2021 12:40:38 GMT
server
DMS/1.0.42
etag
"61682546-fbd"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
b7af891d0ecddbd11faaf008f0750eba
expires
Wed, 17 Nov 2021 05:59:34 GMT
/
pebed.dm-event.net/ Frame B334 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
Accept-Language
de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 08:59:23 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
dmp.theme_neon.635a8fdd97feae2ba007.js
static1.dmcdn.net/playerv5/ Frame B334 		540 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
fe6581b7f15c23588ee28084325dbd0907fcdbf190eea8754d14421331c74326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
159617
server-timing
total;dur=0, dc;desc="dc3"
content-length
151650
last-modified
Thu, 21 Oct 2021 12:36:16 GMT
server
DMS/1.0.42
etag
"61715ec0-86e57"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
2ce69b1d13c50264f2a86c2fc03d1804
expires
Sat, 20 Nov 2021 12:39:06 GMT
dmp.vendors~theme_neon.c23567438ebdb116bd6e.js
static1.dmcdn.net/playerv5/ Frame B334 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendors~theme_neon.c23567438ebdb116bd6e.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
5fe87cc9758f35025c5d07f58f39d89670c2e691b8f87774db4641c3b449b8a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202343
server-timing
total;dur=0, dc;desc="dc3"
content-length
15621
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-eacd"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
59e09bf7e3f3fd4579a6d9f9c7e8700c
expires
Sat, 20 Nov 2021 00:47:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B334 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 23 Oct 2021 08:59:23 GMT
/
pebed.dm-event.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Origin
https://www.dailymotion.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Server
edward-ed/2.2.1
Date
Sat, 23 Oct 2021 08:59:23 GMT
Content-Length
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 9545 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/v2/3740/?id=fw-iframe943093140null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 21 Oct 2022 18:27:56 GMT
squares.svg
feed.mikle.com/images/ Frame 9545 		707 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feed.mikle.com/images/squares.svg?v=1580871352
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/v2/3740/?id=fw-iframe943093140null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.100.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-100-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2c7f78291ae70d6b87b58b10e145614685e4e32bcc38b60ca31d77124472857d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/widget/v2/3740/?id=fw-iframe943093140null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 02:55:52 GMT
server
nginx
etag
W/"5e3a2eb8-2c3"
content-type
image/svg+xml
cache-control
max-age=315360000
x-xss-protection
0
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
feed.mikle.com/api/widget/read/body/ Frame 9545 		74 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/api/widget/read/body/?widget_id=3740&widget_parameter=%7B%7D
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.100.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-100-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3ab6401f792a26330917330750bcf8d41708f8c3d791f5165cc2f65754adcbc0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://feed.mikle.com/widget/v2/3740/?id=fw-iframe943093140null
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://feed.mikle.com
cache-control
max-age=180
access-control-allow-credentials
true
access-control-allow-headers
Origin, Authorization, Accept, X-Requested-With
expires
Sat, 23 Oct 2021 09:02:23 GMT
show.php
ylx-1.com/ Frame C992 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ylx-1.com/show.php?u91941634979563=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDUyODUyMTJlYzEzNWEzMDVmYjU1NjJiYzc2NzE1MjY=&u=238923&si=762886271&di=34099351&ci=16&h=87bfecdb885575f24893740d4fe40123&cc=DE&https=1&useAf=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&ar=aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v
Requested by
Host: ylx-1.com
URL: https://ylx-1.com/bnr_xload.php?section=General&pub=238923&format=300x250&ga=g&xt=163497955911832&xtt=5415839
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.221.skhosting.eu
Software
nginx /
Resource Hash
745d921f5524a51c70a1c7e959ab7d0b91698e955c0b04aa41374c39a51c33b8

Request headers

:method
GET
:authority
ylx-1.com
:scheme
https
:path
/show.php?u91941634979563=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDUyODUyMTJlYzEzNWEzMDVmYjU1NjJiYzc2NzE1MjY=&u=238923&si=762886271&di=34099351&ci=16&h=87bfecdb885575f24893740d4fe40123&cc=DE&https=1&useAf=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&ar=aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ylx-1.com/bnr_xload.php?section=General&pub=238923&format=300x250&ga=g&xt=163497955911832&xtt=5415839
accept-encoding
gzip, deflate, br
cookie
used_ad2558629=1; total_impressions=1; cpa_673873=300x250_762886271_0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ylx-1.com/bnr_xload.php?section=General&pub=238923&format=300x250&ga=g&xt=163497955911832&xtt=5415839

Response headers

server
nginx
date
Sat, 23 Oct 2021 08:59:23 GMT
content-type
text/html; charset=UTF-8
expires
Sat, 23 Oct 2021 08:59:23 GMT
last-modified
Sat, 23 Oct 2021 08:59:23 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vendor-list.json
vendorlist.dmcdn.net/v2/ Frame B3DA 		291 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v2/vendor-list.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendors~theme_neon.c23567438ebdb116bd6e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AmazonS3 /
Resource Hash
7b517a25ccec5e4ae5dc0a0bd07c0f67bd61e713e2d7a2634d425278d5ce5e3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
Kf6h0TmkmFfzwj01rnmDhh0vdM1zXZLT
via
1.1 a9cd237416fb828127279373bfd596cb.cloudfront.net (CloudFront)
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
98611
content-encoding
gzip
content-length
37551
last-modified
Thu, 21 Oct 2021 16:05:39 GMT
server
AmazonS3
date
Sat, 23 Oct 2021 08:59:23 GMT
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.244.145
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
fC68qCNDe7NSxmnYQ2uQ-lPRLZcK99QJV82qu7EuU9z4zcBT3itqiw==
x-llid
07b36e1d5406e553fac0a9ecb4ee26dd
expires
Fri, 29 Oct 2021 05:35:52 GMT
Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
static1.dmcdn.net/playerv5/fonts/ Frame B3DA 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/fonts/Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
442804
server-timing
total;dur=0, dc;desc="dc3"
content-length
37144
last-modified
Thu, 14 Oct 2021 12:40:30 GMT
server
DMS/1.0.42
etag
"6168253e-9118"
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
4a9df005c57d5bb7a82aa1b0e381ed5f
expires
Wed, 17 Nov 2021 05:59:19 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame B3DA 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 08:59:23 GMT
latencies.js
speedtest.dailymotion.com/ Frame B3DA 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://speedtest.dailymotion.com/latencies.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.91 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
st.dc3.dailymotion.com
Software
/
Resource Hash
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Sep 2020 07:44:45 GMT
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Accept-Ranges
bytes
Content-Length
2041
Expires
Sat, 23 Oct 2021 14:59:23 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame CA22 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 23 Oct 2021 08:59:23 GMT
5iPKl1XSwJ5Z0hIyn
s1.dmcdn.net/w/ Frame B3DA 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/w/5iPKl1XSwJ5Z0hIyn
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/2 /
Resource Hash
8838412fa6e7352170105f32fe30bffcdb1c049506f6870e71e3f93e60ac0a09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
last-modified
Sat, 23 Oct 2021 06:01:06 GMT
server
DMS/2
age
10572
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
image/png
cache-control
max-age=604800
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
server-timing
total;dur=2, dc;desc="dc3"
timing-allow-origin
*
content-length
7242
x-llid
3ad6e2e8160b1c8657428a4e84b20905
expires
Sat, 30 Oct 2021 06:03:11 GMT
dmp.controls_seek.f5091331a0d715c1d271.js
static1.dmcdn.net/playerv5/ Frame B3DA 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.controls_seek.f5091331a0d715c1d271.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
2e8b71c02eab4e8f960c7220574675e1ba182518df1ae5965a4e4a2fd630a8e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
415274
server-timing
total;dur=1, dc;desc="dc3"
content-length
18744
last-modified
Mon, 18 Oct 2021 13:36:32 GMT
server
DMS/1.0.42
etag
"616d7860-11f63"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
162fb3144a182a24f65befe861ea2af0
expires
Wed, 17 Nov 2021 13:38:09 GMT
dmp.interaction.5fcbedc3c45f47cba3bd.js
static1.dmcdn.net/playerv5/ Frame B3DA 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.interaction.5fcbedc3c45f47cba3bd.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
bf1a182611613122e08be5c2c9b965464aec0a406ab2029ffa636de346e42a57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:23 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202342
server-timing
total;dur=1, dc;desc="dc3"
content-length
4757
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-3d57"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
3b375dfd51560bcf4c604d884749932f
expires
Sat, 20 Nov 2021 00:47:01 GMT
vendor-list.json
vendorlist.dmcdn.net/v2/ Frame A74B 		291 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v2/vendor-list.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendors~theme_neon.c23567438ebdb116bd6e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AmazonS3 /
Resource Hash
7b517a25ccec5e4ae5dc0a0bd07c0f67bd61e713e2d7a2634d425278d5ce5e3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
Kf6h0TmkmFfzwj01rnmDhh0vdM1zXZLT
via
1.1 a9cd237416fb828127279373bfd596cb.cloudfront.net (CloudFront)
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
98611
content-encoding
gzip
content-length
37551
last-modified
Thu, 21 Oct 2021 16:05:39 GMT
server
AmazonS3
date
Sat, 23 Oct 2021 08:59:23 GMT
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.244.145
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
fC68qCNDe7NSxmnYQ2uQ-lPRLZcK99QJV82qu7EuU9z4zcBT3itqiw==
x-llid
379901426e25adc310272ebe02a0875c
expires
Fri, 29 Oct 2021 05:35:52 GMT
Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
static1.dmcdn.net/playerv5/fonts/ Frame A74B 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/fonts/Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
442805
server-timing
total;dur=0, dc;desc="dc3"
content-length
37144
last-modified
Thu, 14 Oct 2021 12:40:30 GMT
server
DMS/1.0.42
etag
"6168253e-9118"
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
a9cd4e72c5ee16d4dbdfc3fbfd910e6d
expires
Wed, 17 Nov 2021 05:59:19 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A74B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 08:59:24 GMT
latencies.js
speedtest.dailymotion.com/ Frame A74B 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://speedtest.dailymotion.com/latencies.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.91 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
st.dc3.dailymotion.com
Software
/
Resource Hash
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Sep 2020 07:44:45 GMT
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Accept-Ranges
bytes
Content-Length
2041
Expires
Sat, 23 Oct 2021 14:59:24 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3943 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 23 Oct 2021 08:59:24 GMT
5iPKl1XSwJ5Z0hIyn
s2.dmcdn.net/w/ Frame A74B 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/w/5iPKl1XSwJ5Z0hIyn
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.64 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-64.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
8838412fa6e7352170105f32fe30bffcdb1c049506f6870e71e3f93e60ac0a09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
last-modified
Sat, 23 Oct 2021 06:01:06 GMT
server
DMS/2
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}, {"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}, {"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
image/png
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="ix7"
timing-allow-origin
*
content-length
7219
expires
Sun, 24 Oct 2021 06:09:17 GMT
dmp.controls_seek.f5091331a0d715c1d271.js
static1.dmcdn.net/playerv5/ Frame A74B 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.controls_seek.f5091331a0d715c1d271.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
2e8b71c02eab4e8f960c7220574675e1ba182518df1ae5965a4e4a2fd630a8e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
415275
server-timing
total;dur=1, dc;desc="dc3"
content-length
18744
last-modified
Mon, 18 Oct 2021 13:36:32 GMT
server
DMS/1.0.42
etag
"616d7860-11f63"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
4f453659d2afa1381b2d62ba2398dc03
expires
Wed, 17 Nov 2021 13:38:09 GMT
dmp.interaction.5fcbedc3c45f47cba3bd.js
static1.dmcdn.net/playerv5/ Frame A74B 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.interaction.5fcbedc3c45f47cba3bd.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
bf1a182611613122e08be5c2c9b965464aec0a406ab2029ffa636de346e42a57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202343
server-timing
total;dur=1, dc;desc="dc3"
content-length
4757
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-3d57"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
db1472883da75291ba130bb44f4e3ee4
expires
Sat, 20 Nov 2021 00:47:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5D23 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-erY1jxz3MiRdw8WxmQdjsio8HSZrZ0oQtBhN5-ltt4j6kpbeJy1-Eo4X08OsAK_86gJZv_HWngwVoT7YWT_4xCoua7d6ke9WVXdk7EdeYXpJw-M&sai=AMfl-YRCUXSt1afgRd2tEHIpg0bAaNUEoDCZjc5SXE4dFD2ZsnOQ2eUCOXP_pl9HdyD-g0zJZPvvXdoY1Ok2&sig=Cg0ArKJSzP6oEhOJn40aEAE&cid=CAASBORoU8c&id=lidar2&mcvt=1324&p=0,0,94,728&mtos=0,1124,1324,1353,1353&tos=0,1124,200,29,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634979562243&rpt=259&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86E7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aj4t356tueZgSfg2dwVfFqbLxPxYhEzO2ElJyvwbi-7SPa_-swbQmQqaZeD0HV96cf6vuZsD7JLdUkBynhlj6LHf2hmC2w6Mua_4gdSjzseHgGqBk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 86E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:52:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 86E7 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 08:59:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 86E7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:51:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 09B7 		441 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_L9gIQ-YC8-AEY9MmxtQEwAQ&v=APEucNUpMWdAkx86DG34MiF2T2qF4SYaq8-keAikYVvZmWDhTJuvc2ppC5NkFgnx4UaoxoPD46r8l4-YJ0xPFng78RjIPK_2IA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CI_L9gIQ-YC8-AEY9MmxtQEwAQ&v=APEucNUpMWdAkx86DG34MiF2T2qF4SYaq8-keAikYVvZmWDhTJuvc2ppC5NkFgnx4UaoxoPD46r8l4-YJ0xPFng78RjIPK_2IA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnILB-QofXVZltGiafRvJ2kO3nigU2vjhakB-CoZYslCRW16dxCWfdAsgHowNc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 23 Oct 2021 08:59:24 GMT
server
cafe
cache-control
private
content-length
227
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ad
googleads.g.doubleclick.net/dbm/ Frame 86E7 		54 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoMrNYneAZfQwHC10RnK1LdKyDhprfFI2AtS7OmK1TssA6id5Tviel2NAFVvCRRZUTWBO9Mlo0eZHQ_5CDgZ94gHFnq5KE0FE4uigp6F5YFAFQJVAi-7QZ0u0nvF7WPzePOQYatOwbREu6Uyafxz1Ho1hHwQ&dbm_d=AKAmf-D8gQV2T25GuglUAKhxE2a0LKBdqksmJ2zQoqWgVgGeeuDw1XXj_avXMiNaaEGygWiBcPiW9GcLFQPDp_UotnlvkRcC1KQ0A7aaFTk-22LSggWhaYlFMHhU6SccO2G0EjskeU4cw3RSDcv-f2lCHLZQhCo2eWPttZojPkCM6icZ9YWAkY0tGnAQE8MmJFP4xehY0MWtp8iL49v0rLKyZO8wl2mTUFjE_TljivatcnjtvXBGKotdZlg50mkAZBX6sLAfurvPRJH1KMln2m2gHGE-I6dvOfGsce4VQSUHHO3jIzAnNHujBD24YdX2xC63hAld-kUFLp_RgCqog1ExqUyuYd3uDbKaYJXWsp0fmKj_0fXnqE5N0z35mexiAqtwe4-JlgsBflMfEs8ULb_lAkxevXQzrAM9N6LDg7s3cyquY5PEaq2TJPhMAxUrRJ3kTK0Yt7SLojlZoTLREHGHl-YEZXxGWjaKZs8FdTockKxHZOfeiBPN1dwYFsVxC0166GSR_vN2c7NBOmebKuHK8cLuNARbZlrqWAXAFM_ThR0L93wfoFnijbepWx4_Xa2rsE9TXCZF6XkKwpliT9nEukt0eBytjgElli_JKmkEA5vun12aV-c9wnOI52C_WxicF15cRrQpMOlsnhS7MLUqaH2GRPa-UxpLCMMYUEU7m5-geX-2UQU2dQdjwz2d5aNjDRkhVLq25oY7AvuhgOWpLOCDNC4M6VmgzSGYgiXpVaLZSGgCpYMUtrosMwHSfjRbDEKwwCNjftBHlP_4nir-Zrhs_PKV8IuGGPHB-QtoKwL-q_fh_RuIjSBXRNBB35iRLmdqwBkzn1No5Qmves-ve_9QuNDpxAg76ziae4qYZ8uizI4kXCNAcrlCfzG9fFqjtQgaPyVkp2MWnllp6gqhFAQd1Vz4UIOsbvyvf0BSH5B7PjCY_fmxUmYsJRQeU2QFgCxYEh7Sco1yoRz8aY_Se-bzXije5tumty2xsksKo_rVT49CEgdTgAX-j0xzeaeyOK-8--zx9M-OZRfCwg91u-rXCZOS5_bSlvVmoahs2QBUVozwcnH3IB7QVZTpMpsWmn3VcexFNx-MLflLG-3K_qkIc3UxBvyFf0osrIhPotBS88ZeAsOOKPsuipBlJJkgZ20ZDPcrFqFiQTcl1V0xflqLFZoSDgJprJQguiSdbU4JbAPCalJVRFyNr4VppH1_3r0hVChJzPeGzGqmmreymoxkApgacc9CIuILeyZLf8F0OcX_SwyKcwi1dTAwZc9QuejL0y5_3GS0dID1pYzevhg701sg2iDpxZGBTBJCDK9dzBpEBE_Vz1NPrFJwOl1OcNddeB6PHBQoRzFgUkHS1q9gd6hieC1TyNGtt_4tNrXg6vFh1XEJluxibGHkB38YGGCxw-bVGRwQXnK6YjnRIjUpMlQh90URI3vZbhZGno_8C2JwsJeqfiB6tO7f8oen096TQH9R0H0RYQP5QXAgQanKddfO0dAg9hLYYe05mA0ykn1NEqQjQUlCsnJYye0-eewIgy-HN-GkU5DfBg7pn3xeElmaMH9bhpD0SWGbT5IMIJjG7uuHDPpTO7xMrOakk7lFl3STGWBT6nFtvfV5AJAy7XeNdmmKi4lPV4tsDln-lz5y5CPghNAmy99jY3cm-8dg3GSJnB3jGVpwVWSi0nQTpv_f-Eu74a78SjgML9ww3Khzabd0MiSJsMg8fmj9mGBcpSUBlHBEForsHom695_0dIrwvr84cEUawQ2mWX-DZ_oaNz3NBAP68Aubphb7d9G5b5QGgVbqEMEVx5tNHGfX9SVpVNpfZhXYld7FCaVGyRO2hG7fUvc4pGivwDMWhRW-EKItohwvedcb9-aW9QeR3mlebX5626W80arPWgfEVqLpySAfsFHWrx7volJs86v1ivj675XvcI0EiRPjg0Gj8hRlix3qgvGIY3jISKSM4UWuYq6Q0UkDdjXZYSTnsTsH4W_IMgADK4LASTdqUMdxovohgGbkHrjpRezOzSFNoyMxxgRwY6E_DOXGA1m6ONeliUuul2sTfeQX19yPKf1wGHl4B_fAgj_I92WrKKyOWqqPKLbxpoO96FbrGhbYA7gscUqlZKWGyfJGitxtlHrD4H9pBtVNFLiVdEcfG0SGBJXMZNvR3UYhXCzMFCYXlViSTEG8lcQr9GYDUmxaXzPd9X3IwQ5iGfcRH6V_ns6az-FuDqMCOk-QFI6WAbDEl5E-NBeLafz9ZQ2RW013hrYTGrwIvMJc4V9zAp-rnOQK1GcNi_c1Cw_Qhr6EzCwXJFoRtthdRVLFoHrBj2nm0-LEQeYFZk5NJREQMmDa0_SQhXv31gtUbEOm2PiPgHIo2IuhttiB3qpI0vjCslGEMfb-8M2IjoRoxIzJdamxNAwXtSIhM3oUg4R_iFAbFLw8l5HBsv57X3v2P4V7Ershm4ZAfWcjLPrRVvD-SWGvhdYhjUx14tWDKtvkOUz2sfAL3XDlZ1mPlcRYEFvbVGbs7coZeUSIgLGLlW6t6c24z3AAF9qy5tJfmnqFsohsD4oBSmkfPkI87fkd__dIohMeUkk8wYQ4W-FgdMVX-q9yYREf5MyK8vcQ-giQ3mdITrAWA036OVairMu0lRBVOC52MKEgLnctrbqbGoyeHHdbYxk2x57HP0crM7mTb8skMvq_j5P-tniWgPgt7DQi8JJV3HnMmGUzZdCs2rHtJQ7Uu80f7uOnLoloY_4wbYib97lyt8kbjkonZp31dNzWEfwojxufLsYeE2BWq_wXCp4oKm4a8cx2STgEnKQs7J-RvzFEIJfMFkTKB_DZarC6YI65Mb8qoQ0rnoNYC-o0bFjcG3s8LvyBgzzD2Lr42cZe6lN7uO-GaLMeKX2Iuexd3XCIyWRdHPTj6inqwHC9lL-TKJNtewX-PJbcVWzAo70apznEWEU_M5rsClix_G4LwLjCiIu1UJ3Zx4F5plGkAnS3m2ttXiMIyFzXMhCOeA8YtyokXhL07Vb8XuoQuieUq6KFg2R-EyySfPh610Hb9v_zGl9ClKXWKcWuGgfPZDApiLjR5LGze8eHZDYQkHyZMWA69eTh42seKLuaUM02jTzij_Cad0He0QsXoSKg2scsrp9A-Dl6oP9yQXMrV7MTyjnsUIk8iisBb5JB491ei0BIBP7xl6WNORc9dW7hdDMazv4eX5Ru7fXuS-N7NqSc6L5b5ACh75Js0VPXplnZ_JPGLEwYqLFXEmkxWL7izsM3l1FkUgAkF-dmPscTLITufCQZq6SWNkdXItdEasJbaFknksyWxVU2POcw7UjIfisNkesCOhlQzG1l&cid=CAASEuRoZDHwgruIgMjVSlk0MaJDVg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
c4dd599f08e74ede224f2686a06637028d05ec4697888ff5eda8018b2bee6d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
26312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5iPKl1XSwJ5Z0hIyn
s2.dmcdn.net/w/ Frame B334 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/w/5iPKl1XSwJ5Z0hIyn
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.64 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-64.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
8838412fa6e7352170105f32fe30bffcdb1c049506f6870e71e3f93e60ac0a09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
last-modified
Sat, 23 Oct 2021 06:01:06 GMT
server
DMS/2
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}, {"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}, {"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
image/png
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="ix7"
timing-allow-origin
*
content-length
7219
expires
Sun, 24 Oct 2021 06:09:17 GMT
vendor-list.json
vendorlist.dmcdn.net/v2/ Frame B334 		291 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v2/vendor-list.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendors~theme_neon.c23567438ebdb116bd6e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AmazonS3 /
Resource Hash
7b517a25ccec5e4ae5dc0a0bd07c0f67bd61e713e2d7a2634d425278d5ce5e3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
Kf6h0TmkmFfzwj01rnmDhh0vdM1zXZLT
via
1.1 a9cd237416fb828127279373bfd596cb.cloudfront.net (CloudFront)
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
98612
content-encoding
gzip
content-length
37551
last-modified
Thu, 21 Oct 2021 16:05:39 GMT
server
AmazonS3
date
Sat, 23 Oct 2021 08:59:24 GMT
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.244.145
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
fC68qCNDe7NSxmnYQ2uQ-lPRLZcK99QJV82qu7EuU9z4zcBT3itqiw==
x-llid
3e4856c417919c9b2bd30fbb2461e7f5
expires
Fri, 29 Oct 2021 05:35:52 GMT
Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
static1.dmcdn.net/playerv5/fonts/ Frame B334 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/fonts/Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
442805
server-timing
total;dur=0, dc;desc="dc3"
content-length
37144
last-modified
Thu, 14 Oct 2021 12:40:30 GMT
server
DMS/1.0.42
etag
"6168253e-9118"
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
d3edd0b17cf9ae747909ce6456b8197e
expires
Wed, 17 Nov 2021 05:59:19 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame B334 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 08:59:24 GMT
latencies.js
speedtest.dailymotion.com/ Frame B334 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://speedtest.dailymotion.com/latencies.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.91 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
st.dc3.dailymotion.com
Software
/
Resource Hash
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Sep 2020 07:44:45 GMT
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Accept-Ranges
bytes
Content-Length
2041
Expires
Sat, 23 Oct 2021 14:59:24 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8A5E 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 23 Oct 2021 08:59:24 GMT
dmp.controls_seek.f5091331a0d715c1d271.js
static1.dmcdn.net/playerv5/ Frame B334 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.controls_seek.f5091331a0d715c1d271.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
2e8b71c02eab4e8f960c7220574675e1ba182518df1ae5965a4e4a2fd630a8e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
415275
server-timing
total;dur=1, dc;desc="dc3"
content-length
18744
last-modified
Mon, 18 Oct 2021 13:36:32 GMT
server
DMS/1.0.42
etag
"616d7860-11f63"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
bf75217b98fa7bc6136e4fb06e23e28c
expires
Wed, 17 Nov 2021 13:38:09 GMT
dmp.interaction.5fcbedc3c45f47cba3bd.js
static1.dmcdn.net/playerv5/ Frame B334 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.interaction.5fcbedc3c45f47cba3bd.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
bf1a182611613122e08be5c2c9b965464aec0a406ab2029ffa636de346e42a57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202343
server-timing
total;dur=1, dc;desc="dc3"
content-length
4757
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-3d57"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
5e5d2f50336ab7595ff5f62e28af1b40
expires
Sat, 20 Nov 2021 00:47:01 GMT
dc_oe=ChMI1_Pwv5Xg8wIV1RMGAB04JAB1EAAYACDCwZxMOhoI-I_4xgEQmM7C1-ADGJKJzt4DIOni6t70DkITCOq0zL-V4PMCFSqF_Qcd_isJAg;dc_rmcid=CAASEuRocxiKRlUP7PIA32SMg-uRQw;eps=CIBhEAEYXw;met=1;acvw=sv%3D20211013%26cb...
ade.googlesyndication.com/ddm/activity/ Frame AE56 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1_Pwv5Xg8wIV1RMGAB04JAB1EAAYACDCwZxMOhoI-I_4xgEQmM7C1-ADGJKJzt4DIOni6t70DkITCOq0zL-V4PMCFSqF_Qcd_isJAg;dc_rmcid=CAASEuRocxiKRlUP7PIA32SMg-uRQw;eps=CIBhEAEYXw;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,151,273,624%26tos%3D2070,0,0,0,0%26mtos%3D2070,2070,2070,2070,2070%26amtos%3D0,0,0,0,0%26mcvt%3D2070%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2232%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D1%26dur%3D30037%26vmtime%3D2240%26dtos%3D2070%26dtoss%3D1%26dvs%3D2070%26dfvs%3D2070%26dvpt%3D2232%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D507336942%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2070;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1634979561781;ecn1=1;etm1=0;eid1=200000;
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AE56 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7pYZaElKU2RNff-mRkZcCUNoOsgtKn7H3xTPXWBcHVIAhziEZtaPxErnFSqPx_qgXBI_UpmVYxo6xugB1yYBjE-mDsCCDCIFP6a_qtE3HgGYQszE&sai=AMfl-YQWgLpShwjVJm5qxBDsEXKEmaA2E9NeV0HaBYUMT1FBLV5s9hE7Ia5akSy58B5Gx6xihRagAsIes0HN0zTiGRexfzc_ObILxn4&sig=Cg0ArKJSzFRA_E6H7_MVEAE&cid=CAASEuRocxiKRlUP7PIA32SMg-uRQw&id=lidarv&acvw=sv%3D20211013%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,151,273,624%26tos%3D2070,0,0,0,0%26mtos%3D2070,2070,2070,2070,2070%26amtos%3D0,0,0,0,0%26mcvt%3D2070%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2232%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D1%26dur%3D30037%26vmtime%3D2240%26dtos%3D2070%26dtoss%3D1%26dvs%3D2070%26dfvs%3D2070%26dvpt%3D2232%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D507336942%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2070&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1634979561781
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pebed.dm-event.net/ Frame B3DA 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendor.f3aa841d61face627810.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/embed/video/x5tc271
Accept-Language
de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 08:59:24 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
pebed.dm-event.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Origin
https://www.dailymotion.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Server
edward-ed/2.2.1
Date
Sat, 23 Oct 2021 08:59:24 GMT
Content-Length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A9BA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSk60FfwA7XbxxxMVCvCN79x99NSIBwgcGe_IXWXSa6FgkB0YJ3-GQiyBuqCrGyR7aI96I9NQ7AQt6vJDdta8CM_-8CdEhPfFZYtpRiSaZyknruAk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame A9BA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:52:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A9BA 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 08:59:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame A9BA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:51:47 GMT
l
www.google.com/ads/measurement/ Frame A9BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfSqlaun6bjgETizdIFHvpz-ZQ0iDRlAg8WJnlwONXsXBItmScJQUuupVnatoNtPRPsySfQwLtuaekL1p2pD3KYxFafw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame B763 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7fLKpAIYl4rjtgEwAQ&v=APEucNUhhhv5fhcGTVk1OetoBKqruXoYFwgubyhE19McCYldNcgM_uMg_P_DKnFBvrrDcxrfzGAOH21sZguXx-7-yND4RcGn2w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLeO4gEQ7fLKpAIYl4rjtgEwAQ&v=APEucNUhhhv5fhcGTVk1OetoBKqruXoYFwgubyhE19McCYldNcgM_uMg_P_DKnFBvrrDcxrfzGAOH21sZguXx-7-yND4RcGn2w
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnILB-QofXVZltGiafRvJ2kO3nigU2vjhakB-CoZYslCRW16dxCWfdAsgHowNc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 23 Oct 2021 08:59:24 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ad
googleads.g.doubleclick.net/dbm/ Frame A9BA 		54 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuQ4pOjNUlk0ajsAV9V7cHYCgbxMAbVxiH8Xta5Kzar_IuZUkiCJZCiW9QAc-ktWVyubMP8Do6sXWKKH0FxeX6Tp8UWLRnpFBZlXwhr6wq0OM2OKKpjapB00AWwfKmgGoNPnBi3cpHt1nCnL0PiI-cc7dBaw&dbm_d=AKAmf-CXWPkADhMUM3kVhXw4XXfN38fbLL0YRqzIZSMXGyCMeJwxIXGefijEEsOs4eZzGJXQ47SDC8ukX9xXTpxzUFHBU95ZO7mFzsEDEb_hMRyHZEsQ_UD2pqUyyYTpw2qmHJlZGoZEx-bgmUaYsxw0Yels7_8HsUY_8BOmiWfsAv1dZZDfjkaJ2xD7CVKIgEMjLqBjoiLAgXL1sWzluekweSQlswlaoo1s3kLf9TtmjnccOuhCSYvbJG346qf7R5Y2Tj9EJooouNVNEGtyg1INN8AodA0ntLNnZvYZua3cOY03vXURCa3PSYKH3N0uT0hz5MgpxoLaWcaF2usOIUaRlEbArT7aSPLVGIsXUoFJAXHuo51CVuv4puygXLSJq5S6jYDUqehe1-vkLOHTYhzl6Owca0zctkKORdIyUHDiMR-bHxRZifjMCsldxoO5FnsrCSE55B2JgwrXrTHwGrbAiuJ7AiuKX_5h-HlNQexltRZLqFYOxQrgkzNv3jBoA3tuKUJmGkSX98qgOArPT2YWz7b1V1fuC3qNLS3ZFYgWwftS8J_5zkeQ_s5Hvob_rGIZSCiBxhaugi4yLOuKs6pM6QWC99e1k6h9vagpDbzjc0BT8htITcGBiwhhpJkBefa_WvsUoCrWLdvfnkQRLupPORbhIoePu0tR53IGJj54OtzJkZ9DGZP41niVBL4V0afY8ognF6NckkNJk7L46h7LCajNlz7SeWBUmDDAHLv8dxhmXS3EKmX8B_wvK8ztt3KNMtNaXfNFCVDcCWwxVxyVXgLQfXEXpVJJD27t5d7p7OBNcFjafiJQjlps2E2ZH7jaYuAKEon_FYgLbHsh_ziZNvQWD8L_JtK8Jjk7-VT2myYByr-0c4vnvZDBId9rGCeb5qFGcnUwgEF9E_LPQCyDBZjuIOOeeVgnA0JR4HXnusSlNmRsmyK-k8klJzvtzH_Ur-ifWFBReB9LblXCwXlaKszgTA0Zp0OeQlAoIpOEcmnNupFTNxucH3hU2FsD3t-oExStftQCauypkMlFfbk98sLG2OwTY-SvUtQSG_XFmaH30OfQI53ATnFyHCoywNLP47J7Qd6YCtTBT7mHP9bVvH4xNhV4vlYPQHxSK3Gi7vkAivE1Q1rTwZ_1ntub7iY86ZIc3uuKu_rXksSddUEpnMwYtBKR_R6pJXxM1jWPh8GkiUz_r2Jbx2MYxVXf8cmF7VpcfWTBdnHAVHIkUqgK1O8FzRkwaaQWf_3BjHZsiHzenIuBKIJ8JzkYwmaJMsJBx1kWxmO9aOQtFANnwZ4735iyx8JM_5in9KLn9pbBpMVbLFDuzj-g5G63nIvEtzFHpYCrxfBtio9LEaw1cV1vA68rCX-r3te0_l2dIN-Fcljnr4ps18UkFL5zxWQ32Cx9Qs-zpMC8tuetnI4tK7urXrRVhiR7IYLz4kyzYaI0I0req6stpJ8CPSv2bRnmfysuIy2nJAmnLu3VG9N7XDO4SrFwEhbCfUFk8i4Dxiq0QH8wxN1_VodfzHi3pxIA4GPJzDWO7-iUZXBlI2P7HXRL6waKBDVo67FlalxOoxzi7IyspM9W__VMNM-XA7AZEcl8u_-WkD5IdVSUiHHzk6i0n7bKTq82IIINanE9gOFez5xHYlol5bfA0XPiPvkWGd1a_WWB91l2zMU3UAOzqpIJvz1ynT_32eqcgfZocxMksLZqATv-b3Nj6ZLQXPCAPUUUGvzCBql2yveEgJyBE9hGZjXukN1zkVqxr9hoViok59fTghgB6Nyvm8doa_uykG97FRHBM8CE0QkTMRd7t38XgcUx1M9cE7VUOc6O-SSRXPBV-19RFoWXzRp1WNAiXeXHBAVdnXHvFAyQTXTLiSb4LhUcOWDIjv6v2qvEqHj6eHqdi6wvsUNPb_5D3cG86XBfAlAOaMjlBVhEiciSMHQWtVi1qEDPJcI7wVTqij2zLT5yfI5Q_Ed3BDBmwWyqYxQ4rI6Dgc-rG1wQ1kXclvwMpGZcr5mfY6f6xlZ_ZwTstm_I7iNEluLUG30Pl5hmoLoexeYNloMzsd_R9MSQ24kta72QQCxwkh-BEfkFVQIEVWEf0TypZSz7TmZNeyPQIdEQhVp4u8_VvlgJG42l7Kdag4G38_Xb0dU8ayJeuxF3o369oPpuqofKgBIel9NFFuwQHXkGi2uBi3QiofPkQ4Uc3nlMIwocLCY6hfu4bjxTT6ebU993SKMdmjwCLSultcaBVnszOu7LbdZ1bV_-TaQlVYdl1ZajTEIkNKGyUjrhLJ2xKsN-ZbyQL256PnMKjG2EzwuhrnMn9XigPVOfjv0caHK_uFmqXh1WvqXrHBCrFSBG5SiNKWa8BVAJadjCW-dPuWdKM0C2Mvu_o2Ben8KlHeRtNk4BKXtbovurHXChEjjWo1Lysrk6pESE-m_fi55Djv_Jv9bfy5shyjuNStYkJc8txhyrFEraoSK2MHGzMudvahutuzJdom4OQXap0Xn_CNhe6FRyrW5i9TWaqoyLDQ257YCVJPoEzd4b1VfruziIzOWtHI6tWnKgYRUZPVb8fZBWwhyBqPowSPxnmqObxFHvIhPR38KHu03ewk7IZZ75YLMuxvJ_3eKDBpnNA_Jhw7izPXcLT9pqs54RwAPuJmeMZWNStVLH7C8eBm18vi1hwdkgOXJh4QAiOL_iCmQdBN78nAUJLg4uWD2dffHVnRHJgRKCB4RPk69cBZPtTvfYPfw460Q7G0WcVOfpWFXBcIMmHLbtTQk8lM6keIaDNPZBmBnBYUYFXiyohVUBD0e4p5fz3KAz7C5XHgtXpQYIprp6nIkc1bZhAcvxR5ObHeFxHUX6yCAzIwqA3IOhM6XADypIpMrX4JtJycmwkTTaaPRn0280G4PTEFsAmSSDWIw-DF0HUNUarF_CuIHpQEPwoBqysF-nipmHKr1OgBE59NVi1h_AWzGf1SIlP6QEey8tJAanKrut0Cm6oCfW6BqjKc3DNRTqVg0i_4Z91dnvpc7B_AfHTrBZykB-kn99PtyNoLytmdytXR7hxc2FWys85B_eiL6v_8i1bZ-lhSdA57vlJEheWi-SXFvYnwbkSghAfLCQPt73S1XPhTWZIskU4DbSlsGYDW311-QpqxIGdWtlxSVwDqcB4Y-09jCHAwinsqw96nwOjRyjLW9Ea6W0Tl0ghXC91_vG3-409JpZqyMwqyU8&cid=CAASEuRoj07_Euu3tneM-l9nFC-ZKg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
f5c8b9d03dca9880adf484f9dcd19aa6b59817d4078cfc0666cfea01cc91d113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
26230
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame 1B3E 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymotion.com/embed/video/x5tc271
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Fri, 22 Oct 2021 05:21:06 GMT
expires
Sat, 22 Oct 2022 05:21:06 GMT
last-modified
Mon, 11 Oct 2021 16:34:41 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
99498
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame CA22 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Oct 2021 08:59:24 GMT
dmp.dynamic_quality_switcher.6d65252cb685ac66fefa.js
static1.dmcdn.net/playerv5/ Frame B3DA 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.dynamic_quality_switcher.6d65252cb685ac66fefa.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
c55c92cc84ea81ff349ec2c4dc43694b20b7299d401bdb4313364e29d5f982a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202338
server-timing
total;dur=0, dc;desc="dc3"
content-length
7196
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-57b0"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
8f6d74c9a92b557849a8219fa32a32a3
expires
Sat, 20 Nov 2021 00:47:06 GMT
dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
static1.dmcdn.net/playerv5/ Frame B3DA 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202338
server-timing
total;dur=1, dc;desc="dc3"
content-length
54717
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-2f204"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
b147169159416310b8033cd202e2adda
expires
Sat, 20 Nov 2021 00:47:06 GMT
x5tc271.m3u8
dmxleo.dailymotion.com/cdn/manifest/video/ Frame B3DA 		0
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmxleo.dailymotion.com/cdn/manifest/video/x5tc271.m3u8?auth=1635152363-2688-oqovf6ih-eeedf63f8967bcc8ab0452b64d0d2e68WGDghnMTZI_kwyw3ExYMVOP6rMcSnM8dXzcrphVfNFctKKHEiQuyDI0TudOIG_SwBTAoFxu1XA1pNv4pfSaCkNFmD6c4uCjXDD1uPw5KqRB0mnWeX_AfjyqckQaj6Mz7ijhiuLsIdzc0fAyJ-n5y5zDQDekpDxiQZCfjUgyGc55uegwJyh7nH1Gpioo45pWxAxxk4A7AN2WYTvQJqDbeGd4JqfKZrV1oHe8RWeBQYazFNKnMZM_0SbzwppTK2fmmP38h8KQRk2c0TVQ84QWYhMFzfLuPWj3wDpPXrgtgi-uMfACFteEerbj49RuMdbTHxxlkkhosQCy69eKLqDdfXfh6P-c8UpZMNohYQGQnz4BOyLbZv465-sw5ldioqZZqZirSTXi9MW4Xbq3hrUQ2ToNo1N381zbcZMTxdF8jdguRBDAvGO9yZe_2hu1b24E5IwPS7FIWWQMOy3HOw1frLqjAzRxTGAPLyTqSNlGzI0l-2roH1hMUmTKew5NbPr7kE82O1v53Rz5XzFqKTcTCPmlLV3EEnGIq_cJBMPipy_i6sB6fjtnkWn8CBpFAlbeO27i6gulBQvwy9MLx_mZgtUZg8fB540nr5xsUIbdHXT3fichLjS7JBa8jKKWgKSklvui4rBqJEZ64GTML2o3m3lc9CHCbQRzYh-GVyG9sKdZjz1Qzhdkh89hnl8SMs3npycN3AQbtkdFw5h0_TtPJMwTXCMIQ_qJqEovfwO6sZINerlqrt5PQQJn4NpPEQuHExSQluXmHjdLXPxPKJQdPcOp0AfR1Yg5P_LYMNeFnKVVsBpdBuAsjahPzKB-KEy3xwaAzWq3d_2bWhjoKKrdh41hZytPGW9UbXU2hmMYxa0qpTvLtHviBU5ASugDzhNP8sy4y5dymbaM9CgIZxnqOE4Hb7jZRUvQRxMzjfAYdzne9K4tdYvXz36TyoowVoKLBmfLtUxmofe-B98P4Pf03lrc3e0mGuJKo2arZdQN2vwhNYEyk4pTOBtvSlDi-R2_dFmj__Pa4pfQnPbpok_LnIzvNqjBSidvxZX-8qUvCwvHTTbR-MZHMloNhxp9uTEV9PiT4Vw_sYRveqtXAllkjvCZ22uR-RetAb_q4oFuUwmzb4jGDlD0ST3idX4yKH2Y93xpxmwWRo5kGw-I49QIsK-_f3IfAxCxrWWxSonRYiCjqLXX5UEx3ZZg0T_8-9f99u2oMCI1jt7fgIGbrspzGx5Jls5MAeW5dWE4WOR1vIBpjovY3roa-AGiaBjUQsObGt3xW_9PiLr4SFCfpxa1P86yqCNyZOibtxaS2ySXB7y57iN1vkgdhVKIiCdwmZq5Wt1m7SOfdJlrnJ-W32-mIYuECJ6bJBamrt4PGw2M4lQkhxz0SdXt6EdVAjF5PiTdMl3OBTLJqc3MK04TFoZpd7DE_cgTlpLkgJ8G1LuGYkmJPqLAr0HYWCP-PWykWHW51LG5N2iwDe_VpZ8aWEcktJKoIy6F2pes20Y7WKY6jHvW9IJLDQN0WyZ9_gTq9fidPJwUD_MBdCnwj05uelryL-nMbPscfHV2_3u1q2jdtmWfuxw-JUfhnMi68J79Y0DpwtuboByt9P3V5qXF4zEF4AdIA5eKff2H16F0MlsDqflE9WP8sTVNquhN93rt1td996atLyguhBZgfKl7d0UdSUVZI2GZWn0GpCM-E9wbhKmtvz2OHGQRkPBfw5CLixsgZUogpdcwEmPjjcCrw3g2sdHZSVBVx1dixuQfdWcp4p-ltjaI9uUFwpSFPk-9GJcV2poa1IXUDsfCjn2ELoY1K1Ga7KT_GDJKMrTiT9ELgBqOQsNQGd28jDkHoHkkm4RR-eJgEiCCg6bb6B3ra_H3-teXis_6yywL6zBitJOxB_qHj21SQy7XBYKtc6kDfpzer3f6FtckklC505V3hktw3qUeh4RF6aXMmT1TbdKnsh7XohJ3eVOry1K2dhz6iW_ROy96kLIjtAIisfQAVCrvQ16WC4MojVPbPPVKan8s98GB82wVLsU41heRrQ8f3X8SAK5gGKWIhGgA6K7_8pMIhhflJVNlFwByJvNkYf_84nVfRabBaAaJ8m4mE-pIxuMXnv&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.38 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
icscale-01-pub-ix7.vip.dailymotion.com
Software
nginx/1.15.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-dm-lb-name
icscale-01-02
date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
server
nginx/1.15.6
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
https://www.dailymotion.com/embed/video/x5tc271
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame F0C2 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymotion.com/embed/video/x5smq48
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Fri, 22 Oct 2021 05:21:06 GMT
expires
Sat, 22 Oct 2022 05:21:06 GMT
last-modified
Mon, 11 Oct 2021 16:34:41 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
99498
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame 3943 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Oct 2021 08:59:24 GMT
dmp.dynamic_quality_switcher.6d65252cb685ac66fefa.js
static1.dmcdn.net/playerv5/ Frame A74B 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.dynamic_quality_switcher.6d65252cb685ac66fefa.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
c55c92cc84ea81ff349ec2c4dc43694b20b7299d401bdb4313364e29d5f982a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202338
server-timing
total;dur=0, dc;desc="dc3"
content-length
7196
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-57b0"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
f825d7cfd8bc28465942decefb4506e5
expires
Sat, 20 Nov 2021 00:47:06 GMT
dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
static1.dmcdn.net/playerv5/ Frame A74B 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202338
server-timing
total;dur=1, dc;desc="dc3"
content-length
54717
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-2f204"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
14a4eea46eda0fcc5efc8a1aebd67e20
expires
Sat, 20 Nov 2021 00:47:06 GMT
x5smq48.m3u8
dmxleo.dailymotion.com/cdn/manifest/video/ Frame A74B 		0
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmxleo.dailymotion.com/cdn/manifest/video/x5smq48.m3u8?auth=1635152363-2688-07xdgr3d-3283cc3220dfb9b47a676d3bb65070dfJSvBxn2eeVsHE6Ru5o99v0q22XrOwUnTBeGTUccY4z1WKx_QUsBeYSSchS3gl09FjjEmfoGMmM5Mp0JIICTQCXKBToswTT3SDtGdUYwcMV_AFRBO7XC0PPJ8Hd-Y5u2jLXkV5xa5f9wZehxh2SX1CJM-Ts-sv3_uHIGei1vV9t12q2jb_itaNV1UdZ-2yMpPIhdyLJkoGSU5Ql_xXzKSJItBn8tgE0GXZQsCuzOzix9heEo10hIS8aDGDhcBZnwPB-7AaAOTD2LZREXqWAvb-v8l2f6aW8751tal9mQBKWEy9Sex2pNIKNus0O0Rr-EPdjI6R1d57TW-3z8Vghmly9J0okhPck9WnbKyYb6sT-l5LWBalMGZfemxTxVT1m1jdun7I5digCWH9aGtkQFpJgn-A1Q_A1Wrh_v_wDiJPSPoWqU92hb5JdIcSOTdpJJyi211ibrW_TVMGbvf1QDhlobxtjo2AttmfoCqMk41-eEOpBGGAFMsVKgPKoDd7YL8MkOtFqoPO-9VIbyoY0W8JjIKA3FDBLeTNVIeqovC_rfMEjchCaX-vGFwArzOlA0bsayZkwWQqrcLg_oROFKZlu5lzfAjHVwX--EPnFSVU3t8gmE0cpO3Mb6Oin0oiC9sSen1au-8i756QlPWxxzQNAUxRAI0BiUR4juSXtUgc8d8yqGAY50fFA9rI-0TZGHA_CKTcGHvhmYA6-BQs7ytYW1yxyTzjv_Xxbwy_oG3-stHGCQJ1JzTnzLtrJ00XhIkbU4Fy7yXkGA05PEIb66p1CJx47t58EUHrDjk4qbldH3MP0VSE6NOuhKkezZl2WLbNRxm0AmUGAQEgrZ99VBbc9JgNUTJr7zEMEWeyXx55VvWtNLNpNNw9mrKTwoOshU2tf6Jg4BgxWUr4BRc7bDRLHCWi9Px56zZUTm6RKvWSwLuMdAf7IA6FgwGFLxSzU988opZ7TEsmjR_h583CxoEhTLFtuqlhzL-pvvJ2-_PVqjP22tWJLyQ3ODJ7e5iaGrzTPspkbXckADugfA9L8L6UzBSm6nxUQYSSWjnqu37NGStkfo45W4qbmyDm1TavdN1p2X-ZCjEaji294cXkChGXUI5PyS-WpCKCEHexpbm5z2kH9q_P_H8KsOJZzNZa4-ZAI7YbCxFs010jKSb2DCZ8h-gWtAfP1qMJe9e4nex0_oxedgoO3K28VclUDaxkqrmJ9iUQ2-fScfsu_VfsnTuBKrbByU5qnqi4iJu9R3saZYh1EIbxuvxwbxyyUPb3uaLgZ0rZN25_NKRigHUxtVVzZIJX5eASiFUvt4Uu2yd7E3XKd-m6But7DzqB39pxaO9JwSnQi9ArKJHYKRwoMQC-60C_djfAPh2D0pOPLFs5c9SooZXJWPFEwVguZB3YiSDbPWF8CFBRjLdmkPVupHR9Yd4kiZoO0NL_CFRw9o5ZDFbYZmnfEp49hGWbbtDaZ4XCLYuOvHgYFVFLRNRbwX2dfEqTKhz8o-0tZGuZ-xRiiNZRyTD1Ex2_70MyrYFHVV2TPdA1j1DYsr9bAiqw24PvsZtRHrIiaP8IrWuTOBIxbPe6-YxWr07gKM27hgJ9PsiZB8fxEoC8xmaKNP0QNeiBuOa9zR8rMbzicBzDg8blFTC-uR8jgJSR6goOJ2upnS4FE5kKN-pC8qkfF7z04d5VJEV4GNgzV46neFPWndyH-egouGYQHY0unS3b0JVZqoUL0SbFrLo3KX6oqAkxAVc0GJKzXSLtLKcWaVlOy19avL7ixDKTyZNGVYWumzwoaXJomBmiixuWVwyisO59bEstwSWwkwRNnNqzlnu-EVP-thtwtBOwMcQqyIIG45Szs8ifKJrlhs-ItJWTof-zi6IFm45y9dKN8y2gSWxBJE4Yy_uUDMG9UrQj1YE-mKrFKW9ORDYyKZqN3RQj-hEux7vu50onOzmKPzW1XDL2k92pvAANH_uFMyy-3sPb4IrHlSbMLTdFI5sGQMogTX3lQydpiDxM9tQRtb6GzNSVJzy8iRn-6OC8To33jIB87aOi0IeswuOvQOj4x9gVQUfhV3nhOpRTpC02QQ1eN_k3SENcbmGl2JA4MNysC3g3K8JyQltk4hHkXZrCR9bVLdM-8mNi9J3kRj0_gA97GlWKcnPtagYrMiEbtPFVdqhInQu-InkC&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.38 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
icscale-01-pub-ix7.vip.dailymotion.com
Software
nginx/1.15.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-dm-lb-name
icscale-01-02
date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
server
nginx/1.15.6
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
https://www.dailymotion.com/embed/video/x5smq48
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
/
xe9o.xyz/148bcf03fc/bb6bac9292/ Frame C992 		1 KB
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xe9o.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XAdCGdZjjdZGrCikAAGjCxCZrdNrirNrrpNrkkCrCZZZCCrixCkiCrCrGCxCrpjrkAjdpCCrxi_81859&adApiR=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&refferer=3658164039_aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v&width=300&height=250&yxDom=eWx4LTEuY29t_d2e782c6bee242762e705a45bd0be41c
Requested by
Host: ylx-1.com
URL: https://ylx-1.com/show.php?u91941634979563=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDUyODUyMTJlYzEzNWEzMDVmYjU1NjJiYzc2NzE1MjY=&u=238923&si=762886271&di=34099351&ci=16&h=87bfecdb885575f24893740d4fe40123&cc=DE&https=1&useAf=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&ar=aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.201.59 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.59.skhosting.eu
Software
nginx /
Resource Hash
519d2b5dfadc8906e412b3f57aa7c7f75850b672dc3d14f9c42c8a8a6abfc310

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ylx-1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
br
server
nginx
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag
noindex,nofollow
expires
Sun, 01 Jan 2014 00:00:00 GMT
pub_s9c2nm.png
ylx-i.advertica-cdn2.com/aff/ Frame C992 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
Requested by
Host: ylx-1.com
URL: https://ylx-1.com/show.php?u91941634979563=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDUyODUyMTJlYzEzNWEzMDVmYjU1NjJiYzc2NzE1MjY=&u=238923&si=762886271&di=34099351&ci=16&h=87bfecdb885575f24893740d4fe40123&cc=DE&https=1&useAf=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&ar=aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.127.skhosting.eu
Software
nginx /
Resource Hash
516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ylx-1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2016 11:36:04 GMT
server
nginx
etag
W/"583d6824-68a8"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Mon, 22 Nov 2021 08:59:24 GMT
logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame C992 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by
Host: ylx-1.com
URL: https://ylx-1.com/show.php?u91941634979563=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDUyODUyMTJlYzEzNWEzMDVmYjU1NjJiYzc2NzE1MjY=&u=238923&si=762886271&di=34099351&ci=16&h=87bfecdb885575f24893740d4fe40123&cc=DE&https=1&useAf=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&ar=aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.127.skhosting.eu
Software
nginx /
Resource Hash
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ylx-1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2016 21:46:50 GMT
server
nginx
etag
W/"58409a4a-631"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Mon, 22 Nov 2021 08:59:24 GMT
/
ylx-1.com/trk/ Frame C992 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ylx-1.com/trk/?87bfecdb885575f24893740d4fe40123
Requested by
Host: ylx-1.com
URL: https://ylx-1.com/show.php?u91941634979563=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDUyODUyMTJlYzEzNWEzMDVmYjU1NjJiYzc2NzE1MjY=&u=238923&si=762886271&di=34099351&ci=16&h=87bfecdb885575f24893740d4fe40123&cc=DE&https=1&useAf=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&ar=aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.221.skhosting.eu
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ylx-1.com/show.php?u91941634979563=true&ad=673873&f=300x250&a=395578&cri=0&s=ZDUyODUyMTJlYzEzNWEzMDVmYjU1NjJiYzc2NzE1MjY=&u=238923&si=762886271&di=34099351&ci=16&h=87bfecdb885575f24893740d4fe40123&cc=DE&https=1&useAf=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&ar=aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
last-modified
Sat, 23 Oct 2021 08:59:24 GMT
server
nginx
cache-directive
no-cache
content-type
image/gif
cache-control
public, no-cache
pragma-directive
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-length
43
expires
0
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame F5EE 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymotion.com/embed/video/x5tc2ay
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Fri, 22 Oct 2021 05:21:06 GMT
expires
Sat, 22 Oct 2022 05:21:06 GMT
last-modified
Mon, 11 Oct 2021 16:34:41 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
99498
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame 8A5E 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Oct 2021 08:59:24 GMT
dmp.dynamic_quality_switcher.6d65252cb685ac66fefa.js
static1.dmcdn.net/playerv5/ Frame B334 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.dynamic_quality_switcher.6d65252cb685ac66fefa.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
c55c92cc84ea81ff349ec2c4dc43694b20b7299d401bdb4313364e29d5f982a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202338
server-timing
total;dur=0, dc;desc="dc3"
content-length
7196
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-57b0"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
10fd1b7107ebb5afb5a45a24ad324d04
expires
Sat, 20 Nov 2021 00:47:06 GMT
dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
static1.dmcdn.net/playerv5/ Frame B334 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.manifest.76e702bfac604262b78c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
202338
server-timing
total;dur=1, dc;desc="dc3"
content-length
54717
last-modified
Wed, 20 Oct 2021 12:54:04 GMT
server
DMS/1.0.42
etag
"6170116c-2f204"
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
8d23d6e7cc40f90aafe4ed3079867e40
expires
Sat, 20 Nov 2021 00:47:06 GMT
x5tc2ay.m3u8
dmxleo.dailymotion.com/cdn/manifest/video/ Frame B334 		0
282 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmxleo.dailymotion.com/cdn/manifest/video/x5tc2ay.m3u8?auth=1635152363-2688-0ht9gntb-a30750f9af56ad8ec05c3fc16effc26bZ00X1OoBgBD0aHY9_LwdgzWGgGZ5jCALmdABydF4IwbdGE3PohkYfHTX-fTyLIDZDs352ndNNOiqx4NFio1RKuq54oQ6VHSzPvyF8FE3PYXXLVoGBcgKewvyAPdHhr8PGoOD5_uPzYMRh9l1iVbKeq8UYO3dUlV2tn3OEaQAnNzfI-fDN4op-Kfz66EQJY61dUQ-JcZiJVUBwtQUsOWeWCzVB5Zvl8VzBGSkXSuzK42XC7QNO7nqqvR4JAAUDkkLET2xXuc4iF9DYi1fFZcLDX7ytBBZHLtqBw6O3YILU0sC64Z0kVHSpdeiKlEeWj6gsq9gL2aB3Z7aDZ-_ocTZK6Qa8xr5FI7_l-sdL9orfONI4jcv6i1QXenEk3s6psKzghuPzjCur1McxiK2myAcChQvB7KeLTf2oDAZZg1sMd0MqLrjBRT8cRH1FXejLTsbc1LPs8k2hKXP3jvfiRZTXtEZ_3z9lwamzwgpxXS7INNR1Wrsgle_D8XBksZWLkZj2j0pWdzd8zO4S-uCjBaHj-UEwAz7IQKyc2QBmlzi173hH236unhcNzPrmKDicuBIGjS2oRmO1LwGW9XFOD-pUdv0afREYQ02kiw8swzwbv4LSkK7_Ja9rQVfqH-Ukr1HAf9YNGHXQpYSsAH5jm08v6KUOVDPBpfaMz4G1SMQlUHbgLEZHw5qIwQC-dXpxmLZYpEmYwGobchoVKUldh4giGSvLbHCNe8zIEAUCrrljRqRNppiEmR_PhijDa058UmEfTVC5nzc9QPXYLd-ACHFl2s59_wLW6x7yEC7jn3VJfizcebLLLoT14oCEePiaFlRadfnV5QvVn_AaLUsSzsAWH3rW04g5s_3oAdwHWfJz4Xs0x32-WUBLm8TDnEWooXY5xbfeyIuRkrRpQMy04XWMkjgI1DXOq_4DRAx2BWieTxkEuBu_62DDdhRAAV22tYG1b6iAbqwsCljXIunSFmvkAyz5_Bj72nXXCBKXs0aotbba17atfwWBpeqsye-a5UJozmoCUPFSnx1j429oLSsHLQj4LskbRFLZxicuIINYo029XZoFiO8AVyJycffsZVqDUM_rK05R00TbygPYKZkLRd8VByCOwRMb_z06cwhYphkd6_Fb6CmdyB8S6xtuP9imIePRP4NBjWmRx3zGoXCMnnKlDSP8TbmA6IeJYfSB6CBclD7r8gANWFHXaAryYkAv7yBPT8DozFE4v__J5bCMtAx02vDKx_VvxhKTl2UI9gNLa28OGltQ5hGaBg8LWfQSGtly3cBSByKQ687kmXYKVLBZFDM7KSh7WclIxFZwWsGDEDEtJP7ZKS8q-Zr98bOD8PsoUZbjgy0THxQoACyo2fBFlY7L_5x-VoJF_P1XgYmj7j4v7VW2Wd0YInoC-gL_DcguV7afpt5x08II5SW_p1GLjOElNeI4dfWWZqJIiuf7-T1K_0F3V539An3pBUiXX86UhWNIhfWoHeFiE7W5KizVe3FYZ0qxCYWC6kzTRttNzADm548NEmrNwf6SFIMlwhjZ2uO0no6FbIJl-Gl_gSGtLPNlDaIBORiYTedLpnCPwB0qctjussYFnpYCLhgS9oh_6S9IR3pacHW-C_pMCeVVEEBEuWtkg1wwSx_ui8ZoFyhRHr-v8q37rNi_mapE2R6B-x1ARnq2iiS8PxMhOn7cmczc25jQoaSroOclMElTMwllS0y3fr4CGB1qNlhR3qEawnZ08Ud-wdwp4GHQsgWuktvPmJobeqSjpoQxn_NJGspk7wiQdy773TjzFYDxQ_KBWFabMS3Aqmuf3cVx6_fymoVRQhcw4SqrPw4D4fs5MZsRYpbcgFb1CcDq6QQNuCwxMfvqagZRwHTja-S1U6aPHecfPpyPO-7KtoZHy64zgtnnp31tOBthmj4PH1AlywgjAcTQT_UpYEq48QozLGKYXf-1HGu0MY9cDCLcPnkJ9KQUUrQA88zzrtMTgB_nyDbZyvvSA4JXzPw_SGT995VD54D9FmDrQVimz_CmO5LvpoYd3PSNy7vWN7lr7dVq27sznLCM-xKzbSKZa5kX2572JyoFD228i2cSIBK8R3A&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.theme_neon.635a8fdd97feae2ba007.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.38 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
icscale-01-pub-ix7.vip.dailymotion.com
Software
nginx/1.15.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-dm-lb-name
icscale-01-02
date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
server
nginx/1.15.6
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
https://www.dailymotion.com/embed/video/x5tc2ay
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
um
sync.teads.tv/ Frame 09B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEK13YzRgGYcP-aA0V-bKe3Q&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEK13YzRgGYcP-aA0V-bKe3Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_L9gIQ-YC8-AEY9MmxtQEwAQ&v=APEucNUpMWdAkx86DG34MiF2T2qF4SYaq8-keAikYVvZmWDhTJuvc2ppC5NkFgnx4UaoxoPD46r8l4-YJ0xPFng78RjIPK_2IA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 23 Oct 2021 08:59:24 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEK13YzRgGYcP-aA0V-bKe3Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 09B7 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_L9gIQ-YC8-AEY9MmxtQEwAQ&v=APEucNUpMWdAkx86DG34MiF2T2qF4SYaq8-keAikYVvZmWDhTJuvc2ppC5NkFgnx4UaoxoPD46r8l4-YJ0xPFng78RjIPK_2IA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 23 Oct 2021 08:59:24 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
sync
partners.tremorhub.com/ Frame 09B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEBDErBZba2Ybq5DrVqIvEhU&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEBDErBZba2Ybq5DrVqIvEhU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_L9gIQ-YC8-AEY9MmxtQEwAQ&v=APEucNUpMWdAkx86DG34MiF2T2qF4SYaq8-keAikYVvZmWDhTJuvc2ppC5NkFgnx4UaoxoPD46r8l4-YJ0xPFng78RjIPK_2IA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.138.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-138-78.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:25 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEBDErBZba2Ybq5DrVqIvEhU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 86E7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoMrNYneAZfQwHC10RnK1LdKyDhprfFI2AtS7OmK1TssA6id5Tviel2NAFVvCRRZUTWBO9Mlo0eZHQ_5CDgZ94gHFnq5KE0FE4uigp6F5YFAFQJVAi-7QZ0u0nvF7WPzePOQYatOwbREu6Uyafxz1Ho1hHwQ&dbm_d=AKAmf-D8gQV2T25GuglUAKhxE2a0LKBdqksmJ2zQoqWgVgGeeuDw1XXj_avXMiNaaEGygWiBcPiW9GcLFQPDp_UotnlvkRcC1KQ0A7aaFTk-22LSggWhaYlFMHhU6SccO2G0EjskeU4cw3RSDcv-f2lCHLZQhCo2eWPttZojPkCM6icZ9YWAkY0tGnAQE8MmJFP4xehY0MWtp8iL49v0rLKyZO8wl2mTUFjE_TljivatcnjtvXBGKotdZlg50mkAZBX6sLAfurvPRJH1KMln2m2gHGE-I6dvOfGsce4VQSUHHO3jIzAnNHujBD24YdX2xC63hAld-kUFLp_RgCqog1ExqUyuYd3uDbKaYJXWsp0fmKj_0fXnqE5N0z35mexiAqtwe4-JlgsBflMfEs8ULb_lAkxevXQzrAM9N6LDg7s3cyquY5PEaq2TJPhMAxUrRJ3kTK0Yt7SLojlZoTLREHGHl-YEZXxGWjaKZs8FdTockKxHZOfeiBPN1dwYFsVxC0166GSR_vN2c7NBOmebKuHK8cLuNARbZlrqWAXAFM_ThR0L93wfoFnijbepWx4_Xa2rsE9TXCZF6XkKwpliT9nEukt0eBytjgElli_JKmkEA5vun12aV-c9wnOI52C_WxicF15cRrQpMOlsnhS7MLUqaH2GRPa-UxpLCMMYUEU7m5-geX-2UQU2dQdjwz2d5aNjDRkhVLq25oY7AvuhgOWpLOCDNC4M6VmgzSGYgiXpVaLZSGgCpYMUtrosMwHSfjRbDEKwwCNjftBHlP_4nir-Zrhs_PKV8IuGGPHB-QtoKwL-q_fh_RuIjSBXRNBB35iRLmdqwBkzn1No5Qmves-ve_9QuNDpxAg76ziae4qYZ8uizI4kXCNAcrlCfzG9fFqjtQgaPyVkp2MWnllp6gqhFAQd1Vz4UIOsbvyvf0BSH5B7PjCY_fmxUmYsJRQeU2QFgCxYEh7Sco1yoRz8aY_Se-bzXije5tumty2xsksKo_rVT49CEgdTgAX-j0xzeaeyOK-8--zx9M-OZRfCwg91u-rXCZOS5_bSlvVmoahs2QBUVozwcnH3IB7QVZTpMpsWmn3VcexFNx-MLflLG-3K_qkIc3UxBvyFf0osrIhPotBS88ZeAsOOKPsuipBlJJkgZ20ZDPcrFqFiQTcl1V0xflqLFZoSDgJprJQguiSdbU4JbAPCalJVRFyNr4VppH1_3r0hVChJzPeGzGqmmreymoxkApgacc9CIuILeyZLf8F0OcX_SwyKcwi1dTAwZc9QuejL0y5_3GS0dID1pYzevhg701sg2iDpxZGBTBJCDK9dzBpEBE_Vz1NPrFJwOl1OcNddeB6PHBQoRzFgUkHS1q9gd6hieC1TyNGtt_4tNrXg6vFh1XEJluxibGHkB38YGGCxw-bVGRwQXnK6YjnRIjUpMlQh90URI3vZbhZGno_8C2JwsJeqfiB6tO7f8oen096TQH9R0H0RYQP5QXAgQanKddfO0dAg9hLYYe05mA0ykn1NEqQjQUlCsnJYye0-eewIgy-HN-GkU5DfBg7pn3xeElmaMH9bhpD0SWGbT5IMIJjG7uuHDPpTO7xMrOakk7lFl3STGWBT6nFtvfV5AJAy7XeNdmmKi4lPV4tsDln-lz5y5CPghNAmy99jY3cm-8dg3GSJnB3jGVpwVWSi0nQTpv_f-Eu74a78SjgML9ww3Khzabd0MiSJsMg8fmj9mGBcpSUBlHBEForsHom695_0dIrwvr84cEUawQ2mWX-DZ_oaNz3NBAP68Aubphb7d9G5b5QGgVbqEMEVx5tNHGfX9SVpVNpfZhXYld7FCaVGyRO2hG7fUvc4pGivwDMWhRW-EKItohwvedcb9-aW9QeR3mlebX5626W80arPWgfEVqLpySAfsFHWrx7volJs86v1ivj675XvcI0EiRPjg0Gj8hRlix3qgvGIY3jISKSM4UWuYq6Q0UkDdjXZYSTnsTsH4W_IMgADK4LASTdqUMdxovohgGbkHrjpRezOzSFNoyMxxgRwY6E_DOXGA1m6ONeliUuul2sTfeQX19yPKf1wGHl4B_fAgj_I92WrKKyOWqqPKLbxpoO96FbrGhbYA7gscUqlZKWGyfJGitxtlHrD4H9pBtVNFLiVdEcfG0SGBJXMZNvR3UYhXCzMFCYXlViSTEG8lcQr9GYDUmxaXzPd9X3IwQ5iGfcRH6V_ns6az-FuDqMCOk-QFI6WAbDEl5E-NBeLafz9ZQ2RW013hrYTGrwIvMJc4V9zAp-rnOQK1GcNi_c1Cw_Qhr6EzCwXJFoRtthdRVLFoHrBj2nm0-LEQeYFZk5NJREQMmDa0_SQhXv31gtUbEOm2PiPgHIo2IuhttiB3qpI0vjCslGEMfb-8M2IjoRoxIzJdamxNAwXtSIhM3oUg4R_iFAbFLw8l5HBsv57X3v2P4V7Ershm4ZAfWcjLPrRVvD-SWGvhdYhjUx14tWDKtvkOUz2sfAL3XDlZ1mPlcRYEFvbVGbs7coZeUSIgLGLlW6t6c24z3AAF9qy5tJfmnqFsohsD4oBSmkfPkI87fkd__dIohMeUkk8wYQ4W-FgdMVX-q9yYREf5MyK8vcQ-giQ3mdITrAWA036OVairMu0lRBVOC52MKEgLnctrbqbGoyeHHdbYxk2x57HP0crM7mTb8skMvq_j5P-tniWgPgt7DQi8JJV3HnMmGUzZdCs2rHtJQ7Uu80f7uOnLoloY_4wbYib97lyt8kbjkonZp31dNzWEfwojxufLsYeE2BWq_wXCp4oKm4a8cx2STgEnKQs7J-RvzFEIJfMFkTKB_DZarC6YI65Mb8qoQ0rnoNYC-o0bFjcG3s8LvyBgzzD2Lr42cZe6lN7uO-GaLMeKX2Iuexd3XCIyWRdHPTj6inqwHC9lL-TKJNtewX-PJbcVWzAo70apznEWEU_M5rsClix_G4LwLjCiIu1UJ3Zx4F5plGkAnS3m2ttXiMIyFzXMhCOeA8YtyokXhL07Vb8XuoQuieUq6KFg2R-EyySfPh610Hb9v_zGl9ClKXWKcWuGgfPZDApiLjR5LGze8eHZDYQkHyZMWA69eTh42seKLuaUM02jTzij_Cad0He0QsXoSKg2scsrp9A-Dl6oP9yQXMrV7MTyjnsUIk8iisBb5JB491ei0BIBP7xl6WNORc9dW7hdDMazv4eX5Ru7fXuS-N7NqSc6L5b5ACh75Js0VPXplnZ_JPGLEwYqLFXEmkxWL7izsM3l1FkUgAkF-dmPscTLITufCQZq6SWNkdXItdEasJbaFknksyWxVU2POcw7UjIfisNkesCOhlQzG1l&cid=CAASEuRoZDHwgruIgMjVSlk0MaJDVg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9298
x-xss-protection
0
server
cafe
etag
5575107075035495308
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:44 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 86E7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoMrNYneAZfQwHC10RnK1LdKyDhprfFI2AtS7OmK1TssA6id5Tviel2NAFVvCRRZUTWBO9Mlo0eZHQ_5CDgZ94gHFnq5KE0FE4uigp6F5YFAFQJVAi-7QZ0u0nvF7WPzePOQYatOwbREu6Uyafxz1Ho1hHwQ&dbm_d=AKAmf-D8gQV2T25GuglUAKhxE2a0LKBdqksmJ2zQoqWgVgGeeuDw1XXj_avXMiNaaEGygWiBcPiW9GcLFQPDp_UotnlvkRcC1KQ0A7aaFTk-22LSggWhaYlFMHhU6SccO2G0EjskeU4cw3RSDcv-f2lCHLZQhCo2eWPttZojPkCM6icZ9YWAkY0tGnAQE8MmJFP4xehY0MWtp8iL49v0rLKyZO8wl2mTUFjE_TljivatcnjtvXBGKotdZlg50mkAZBX6sLAfurvPRJH1KMln2m2gHGE-I6dvOfGsce4VQSUHHO3jIzAnNHujBD24YdX2xC63hAld-kUFLp_RgCqog1ExqUyuYd3uDbKaYJXWsp0fmKj_0fXnqE5N0z35mexiAqtwe4-JlgsBflMfEs8ULb_lAkxevXQzrAM9N6LDg7s3cyquY5PEaq2TJPhMAxUrRJ3kTK0Yt7SLojlZoTLREHGHl-YEZXxGWjaKZs8FdTockKxHZOfeiBPN1dwYFsVxC0166GSR_vN2c7NBOmebKuHK8cLuNARbZlrqWAXAFM_ThR0L93wfoFnijbepWx4_Xa2rsE9TXCZF6XkKwpliT9nEukt0eBytjgElli_JKmkEA5vun12aV-c9wnOI52C_WxicF15cRrQpMOlsnhS7MLUqaH2GRPa-UxpLCMMYUEU7m5-geX-2UQU2dQdjwz2d5aNjDRkhVLq25oY7AvuhgOWpLOCDNC4M6VmgzSGYgiXpVaLZSGgCpYMUtrosMwHSfjRbDEKwwCNjftBHlP_4nir-Zrhs_PKV8IuGGPHB-QtoKwL-q_fh_RuIjSBXRNBB35iRLmdqwBkzn1No5Qmves-ve_9QuNDpxAg76ziae4qYZ8uizI4kXCNAcrlCfzG9fFqjtQgaPyVkp2MWnllp6gqhFAQd1Vz4UIOsbvyvf0BSH5B7PjCY_fmxUmYsJRQeU2QFgCxYEh7Sco1yoRz8aY_Se-bzXije5tumty2xsksKo_rVT49CEgdTgAX-j0xzeaeyOK-8--zx9M-OZRfCwg91u-rXCZOS5_bSlvVmoahs2QBUVozwcnH3IB7QVZTpMpsWmn3VcexFNx-MLflLG-3K_qkIc3UxBvyFf0osrIhPotBS88ZeAsOOKPsuipBlJJkgZ20ZDPcrFqFiQTcl1V0xflqLFZoSDgJprJQguiSdbU4JbAPCalJVRFyNr4VppH1_3r0hVChJzPeGzGqmmreymoxkApgacc9CIuILeyZLf8F0OcX_SwyKcwi1dTAwZc9QuejL0y5_3GS0dID1pYzevhg701sg2iDpxZGBTBJCDK9dzBpEBE_Vz1NPrFJwOl1OcNddeB6PHBQoRzFgUkHS1q9gd6hieC1TyNGtt_4tNrXg6vFh1XEJluxibGHkB38YGGCxw-bVGRwQXnK6YjnRIjUpMlQh90URI3vZbhZGno_8C2JwsJeqfiB6tO7f8oen096TQH9R0H0RYQP5QXAgQanKddfO0dAg9hLYYe05mA0ykn1NEqQjQUlCsnJYye0-eewIgy-HN-GkU5DfBg7pn3xeElmaMH9bhpD0SWGbT5IMIJjG7uuHDPpTO7xMrOakk7lFl3STGWBT6nFtvfV5AJAy7XeNdmmKi4lPV4tsDln-lz5y5CPghNAmy99jY3cm-8dg3GSJnB3jGVpwVWSi0nQTpv_f-Eu74a78SjgML9ww3Khzabd0MiSJsMg8fmj9mGBcpSUBlHBEForsHom695_0dIrwvr84cEUawQ2mWX-DZ_oaNz3NBAP68Aubphb7d9G5b5QGgVbqEMEVx5tNHGfX9SVpVNpfZhXYld7FCaVGyRO2hG7fUvc4pGivwDMWhRW-EKItohwvedcb9-aW9QeR3mlebX5626W80arPWgfEVqLpySAfsFHWrx7volJs86v1ivj675XvcI0EiRPjg0Gj8hRlix3qgvGIY3jISKSM4UWuYq6Q0UkDdjXZYSTnsTsH4W_IMgADK4LASTdqUMdxovohgGbkHrjpRezOzSFNoyMxxgRwY6E_DOXGA1m6ONeliUuul2sTfeQX19yPKf1wGHl4B_fAgj_I92WrKKyOWqqPKLbxpoO96FbrGhbYA7gscUqlZKWGyfJGitxtlHrD4H9pBtVNFLiVdEcfG0SGBJXMZNvR3UYhXCzMFCYXlViSTEG8lcQr9GYDUmxaXzPd9X3IwQ5iGfcRH6V_ns6az-FuDqMCOk-QFI6WAbDEl5E-NBeLafz9ZQ2RW013hrYTGrwIvMJc4V9zAp-rnOQK1GcNi_c1Cw_Qhr6EzCwXJFoRtthdRVLFoHrBj2nm0-LEQeYFZk5NJREQMmDa0_SQhXv31gtUbEOm2PiPgHIo2IuhttiB3qpI0vjCslGEMfb-8M2IjoRoxIzJdamxNAwXtSIhM3oUg4R_iFAbFLw8l5HBsv57X3v2P4V7Ershm4ZAfWcjLPrRVvD-SWGvhdYhjUx14tWDKtvkOUz2sfAL3XDlZ1mPlcRYEFvbVGbs7coZeUSIgLGLlW6t6c24z3AAF9qy5tJfmnqFsohsD4oBSmkfPkI87fkd__dIohMeUkk8wYQ4W-FgdMVX-q9yYREf5MyK8vcQ-giQ3mdITrAWA036OVairMu0lRBVOC52MKEgLnctrbqbGoyeHHdbYxk2x57HP0crM7mTb8skMvq_j5P-tniWgPgt7DQi8JJV3HnMmGUzZdCs2rHtJQ7Uu80f7uOnLoloY_4wbYib97lyt8kbjkonZp31dNzWEfwojxufLsYeE2BWq_wXCp4oKm4a8cx2STgEnKQs7J-RvzFEIJfMFkTKB_DZarC6YI65Mb8qoQ0rnoNYC-o0bFjcG3s8LvyBgzzD2Lr42cZe6lN7uO-GaLMeKX2Iuexd3XCIyWRdHPTj6inqwHC9lL-TKJNtewX-PJbcVWzAo70apznEWEU_M5rsClix_G4LwLjCiIu1UJ3Zx4F5plGkAnS3m2ttXiMIyFzXMhCOeA8YtyokXhL07Vb8XuoQuieUq6KFg2R-EyySfPh610Hb9v_zGl9ClKXWKcWuGgfPZDApiLjR5LGze8eHZDYQkHyZMWA69eTh42seKLuaUM02jTzij_Cad0He0QsXoSKg2scsrp9A-Dl6oP9yQXMrV7MTyjnsUIk8iisBb5JB491ei0BIBP7xl6WNORc9dW7hdDMazv4eX5Ru7fXuS-N7NqSc6L5b5ACh75Js0VPXplnZ_JPGLEwYqLFXEmkxWL7izsM3l1FkUgAkF-dmPscTLITufCQZq6SWNkdXItdEasJbaFknksyWxVU2POcw7UjIfisNkesCOhlQzG1l&cid=CAASEuRoZDHwgruIgMjVSlk0MaJDVg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
366
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:53:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 86E7 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvsCpRkiXnFMmfYtwMnSYPlYo7JDSBz5F9QbBIsPgJLm57S1V1ze7plnPSDHjSE-0ZoctX4afsZEtv3GJk6TFaGgdLWIhcWBA4-sdcXPatuUhOCWwn2HBo0WAK-beZeR5ubmkMjRyVzgwEVIZl_WOfQDXvvggVT7vt8Xh1r4hm3g1EXQksrk4nImpOCFADkVaBPIqTwISiZCWgNCpIQfH_FT3YBWgmA21DtnwVOyD-SwAjz7bZtJ76uwmmhq6mtP4ITQWPTkrgo_OZraqFi6CH49w1qsTlB5GmH5VBtsN5Ou65HC7Lsjvf4LwFSp8ptTgZb1tkI3fcMnByxA0aPmrH7Hn8gQUAiSxNahMIDBNSMGg2aYcfUxTsiuETJSCgQakbSUDYHIfn3Wc9RfamSOrPSfgFRt0RIfFh2VE7snIRhqSJhZm6ghrYsEGdAMPwLOd_-hdiW-7TG6vVEefWwfLdjcdSKepjiWr12rET4CJwpSrMvLn8UyM7-ZbaiKyBK7SCj8WzKtud6WXGlhj0CNiVe8BaP39UnUQs0ObkYQrKe5OSJjM-_oIdzYkmJQI8l7ti83p2qTeybwuQb_b1PVxlDfchV8erg2xAQNGKEyWAJyOWz9w3gsyJmLn9QpJUPpUFYsOu99Cv7Wdke8c3eoNPS-PFCLyYhlSNx0GEJReoYZimkguORjM8IKnEAeilcJqcxt4SeP3wmjkyyzgcYeGdG145H4SIxOheJCHoFrwfyrdVuB-WWMiqIow__6WGvIw08eubLkArIb03cjl6cGIBSd-j0twXqyfEyZYWgd_Ig2Dii0M9thEe_TVE9p5I-RIOAp55IyKNarsMpEdsfKEVYmYRoQEA18pGw7mw7g1FmZmmcqwupJvJyW8ulCyVLigr_PH1VWzZk2cETpz8QMZte8mEFD3aV6XiC-CiUqlaZOLn7n_upowKDexr4wrlSm6-ROJCsR_Fw4mDRqak6aDqJsmC4MroGC3rbwfiI4sd5eKcYhNMjRSf2tfiGVjUCvKLIrh-VTlc-ESn35z_U-gBXg1fLZASAJn_V12TwziX-1lfY-SugeqnvpFbh_S1Dm2nO1XOneItXjQ0ZZv2gn3dWidBSO3Aup_pF4dJOdDKjZWfEJRO1RgO1fx5mx7GCQyO9dpwzp5dOQg40P6MUw18n7wCCiPCUp_QHQKnAoWAxlC5LoPyqkACpy6FJWLFShHCWQ9lNoSkMLFL3mlkyEYV4e-IZmc6mD6Lpsu_TXjxKHciLVHXRtmMQVz730zozdUJ834lP&sai=AMfl-YSOmDwgEm62-H73VbFTp7OW-sH9jrgKyn2a7TLy-NZE7F6qmKDN3l1OGp8p44gJG7xnFm3Lc0IYd_SchWdtE5oITHane4CtkUCgOoxRbnt5H722ef9rnlHPT2vIl7qmvYG9PSsqZk93m54JMTvTwobLQBEndw&sig=Cg0ArKJSzFau8stZb5dLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20211020.86933&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoMrNYneAZfQwHC10RnK1LdKyDhprfFI2AtS7OmK1TssA6id5Tviel2NAFVvCRRZUTWBO9Mlo0eZHQ_5CDgZ94gHFnq5KE0FE4uigp6F5YFAFQJVAi-7QZ0u0nvF7WPzePOQYatOwbREu6Uyafxz1Ho1hHwQ&dbm_d=AKAmf-D8gQV2T25GuglUAKhxE2a0LKBdqksmJ2zQoqWgVgGeeuDw1XXj_avXMiNaaEGygWiBcPiW9GcLFQPDp_UotnlvkRcC1KQ0A7aaFTk-22LSggWhaYlFMHhU6SccO2G0EjskeU4cw3RSDcv-f2lCHLZQhCo2eWPttZojPkCM6icZ9YWAkY0tGnAQE8MmJFP4xehY0MWtp8iL49v0rLKyZO8wl2mTUFjE_TljivatcnjtvXBGKotdZlg50mkAZBX6sLAfurvPRJH1KMln2m2gHGE-I6dvOfGsce4VQSUHHO3jIzAnNHujBD24YdX2xC63hAld-kUFLp_RgCqog1ExqUyuYd3uDbKaYJXWsp0fmKj_0fXnqE5N0z35mexiAqtwe4-JlgsBflMfEs8ULb_lAkxevXQzrAM9N6LDg7s3cyquY5PEaq2TJPhMAxUrRJ3kTK0Yt7SLojlZoTLREHGHl-YEZXxGWjaKZs8FdTockKxHZOfeiBPN1dwYFsVxC0166GSR_vN2c7NBOmebKuHK8cLuNARbZlrqWAXAFM_ThR0L93wfoFnijbepWx4_Xa2rsE9TXCZF6XkKwpliT9nEukt0eBytjgElli_JKmkEA5vun12aV-c9wnOI52C_WxicF15cRrQpMOlsnhS7MLUqaH2GRPa-UxpLCMMYUEU7m5-geX-2UQU2dQdjwz2d5aNjDRkhVLq25oY7AvuhgOWpLOCDNC4M6VmgzSGYgiXpVaLZSGgCpYMUtrosMwHSfjRbDEKwwCNjftBHlP_4nir-Zrhs_PKV8IuGGPHB-QtoKwL-q_fh_RuIjSBXRNBB35iRLmdqwBkzn1No5Qmves-ve_9QuNDpxAg76ziae4qYZ8uizI4kXCNAcrlCfzG9fFqjtQgaPyVkp2MWnllp6gqhFAQd1Vz4UIOsbvyvf0BSH5B7PjCY_fmxUmYsJRQeU2QFgCxYEh7Sco1yoRz8aY_Se-bzXije5tumty2xsksKo_rVT49CEgdTgAX-j0xzeaeyOK-8--zx9M-OZRfCwg91u-rXCZOS5_bSlvVmoahs2QBUVozwcnH3IB7QVZTpMpsWmn3VcexFNx-MLflLG-3K_qkIc3UxBvyFf0osrIhPotBS88ZeAsOOKPsuipBlJJkgZ20ZDPcrFqFiQTcl1V0xflqLFZoSDgJprJQguiSdbU4JbAPCalJVRFyNr4VppH1_3r0hVChJzPeGzGqmmreymoxkApgacc9CIuILeyZLf8F0OcX_SwyKcwi1dTAwZc9QuejL0y5_3GS0dID1pYzevhg701sg2iDpxZGBTBJCDK9dzBpEBE_Vz1NPrFJwOl1OcNddeB6PHBQoRzFgUkHS1q9gd6hieC1TyNGtt_4tNrXg6vFh1XEJluxibGHkB38YGGCxw-bVGRwQXnK6YjnRIjUpMlQh90URI3vZbhZGno_8C2JwsJeqfiB6tO7f8oen096TQH9R0H0RYQP5QXAgQanKddfO0dAg9hLYYe05mA0ykn1NEqQjQUlCsnJYye0-eewIgy-HN-GkU5DfBg7pn3xeElmaMH9bhpD0SWGbT5IMIJjG7uuHDPpTO7xMrOakk7lFl3STGWBT6nFtvfV5AJAy7XeNdmmKi4lPV4tsDln-lz5y5CPghNAmy99jY3cm-8dg3GSJnB3jGVpwVWSi0nQTpv_f-Eu74a78SjgML9ww3Khzabd0MiSJsMg8fmj9mGBcpSUBlHBEForsHom695_0dIrwvr84cEUawQ2mWX-DZ_oaNz3NBAP68Aubphb7d9G5b5QGgVbqEMEVx5tNHGfX9SVpVNpfZhXYld7FCaVGyRO2hG7fUvc4pGivwDMWhRW-EKItohwvedcb9-aW9QeR3mlebX5626W80arPWgfEVqLpySAfsFHWrx7volJs86v1ivj675XvcI0EiRPjg0Gj8hRlix3qgvGIY3jISKSM4UWuYq6Q0UkDdjXZYSTnsTsH4W_IMgADK4LASTdqUMdxovohgGbkHrjpRezOzSFNoyMxxgRwY6E_DOXGA1m6ONeliUuul2sTfeQX19yPKf1wGHl4B_fAgj_I92WrKKyOWqqPKLbxpoO96FbrGhbYA7gscUqlZKWGyfJGitxtlHrD4H9pBtVNFLiVdEcfG0SGBJXMZNvR3UYhXCzMFCYXlViSTEG8lcQr9GYDUmxaXzPd9X3IwQ5iGfcRH6V_ns6az-FuDqMCOk-QFI6WAbDEl5E-NBeLafz9ZQ2RW013hrYTGrwIvMJc4V9zAp-rnOQK1GcNi_c1Cw_Qhr6EzCwXJFoRtthdRVLFoHrBj2nm0-LEQeYFZk5NJREQMmDa0_SQhXv31gtUbEOm2PiPgHIo2IuhttiB3qpI0vjCslGEMfb-8M2IjoRoxIzJdamxNAwXtSIhM3oUg4R_iFAbFLw8l5HBsv57X3v2P4V7Ershm4ZAfWcjLPrRVvD-SWGvhdYhjUx14tWDKtvkOUz2sfAL3XDlZ1mPlcRYEFvbVGbs7coZeUSIgLGLlW6t6c24z3AAF9qy5tJfmnqFsohsD4oBSmkfPkI87fkd__dIohMeUkk8wYQ4W-FgdMVX-q9yYREf5MyK8vcQ-giQ3mdITrAWA036OVairMu0lRBVOC52MKEgLnctrbqbGoyeHHdbYxk2x57HP0crM7mTb8skMvq_j5P-tniWgPgt7DQi8JJV3HnMmGUzZdCs2rHtJQ7Uu80f7uOnLoloY_4wbYib97lyt8kbjkonZp31dNzWEfwojxufLsYeE2BWq_wXCp4oKm4a8cx2STgEnKQs7J-RvzFEIJfMFkTKB_DZarC6YI65Mb8qoQ0rnoNYC-o0bFjcG3s8LvyBgzzD2Lr42cZe6lN7uO-GaLMeKX2Iuexd3XCIyWRdHPTj6inqwHC9lL-TKJNtewX-PJbcVWzAo70apznEWEU_M5rsClix_G4LwLjCiIu1UJ3Zx4F5plGkAnS3m2ttXiMIyFzXMhCOeA8YtyokXhL07Vb8XuoQuieUq6KFg2R-EyySfPh610Hb9v_zGl9ClKXWKcWuGgfPZDApiLjR5LGze8eHZDYQkHyZMWA69eTh42seKLuaUM02jTzij_Cad0He0QsXoSKg2scsrp9A-Dl6oP9yQXMrV7MTyjnsUIk8iisBb5JB491ei0BIBP7xl6WNORc9dW7hdDMazv4eX5Ru7fXuS-N7NqSc6L5b5ACh75Js0VPXplnZ_JPGLEwYqLFXEmkxWL7izsM3l1FkUgAkF-dmPscTLITufCQZq6SWNkdXItdEasJbaFknksyWxVU2POcw7UjIfisNkesCOhlQzG1l&cid=CAASEuRoZDHwgruIgMjVSlk0MaJDVg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 23 Oct 2021 08:59:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 86E7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoMrNYneAZfQwHC10RnK1LdKyDhprfFI2AtS7OmK1TssA6id5Tviel2NAFVvCRRZUTWBO9Mlo0eZHQ_5CDgZ94gHFnq5KE0FE4uigp6F5YFAFQJVAi-7QZ0u0nvF7WPzePOQYatOwbREu6Uyafxz1Ho1hHwQ&dbm_d=AKAmf-D8gQV2T25GuglUAKhxE2a0LKBdqksmJ2zQoqWgVgGeeuDw1XXj_avXMiNaaEGygWiBcPiW9GcLFQPDp_UotnlvkRcC1KQ0A7aaFTk-22LSggWhaYlFMHhU6SccO2G0EjskeU4cw3RSDcv-f2lCHLZQhCo2eWPttZojPkCM6icZ9YWAkY0tGnAQE8MmJFP4xehY0MWtp8iL49v0rLKyZO8wl2mTUFjE_TljivatcnjtvXBGKotdZlg50mkAZBX6sLAfurvPRJH1KMln2m2gHGE-I6dvOfGsce4VQSUHHO3jIzAnNHujBD24YdX2xC63hAld-kUFLp_RgCqog1ExqUyuYd3uDbKaYJXWsp0fmKj_0fXnqE5N0z35mexiAqtwe4-JlgsBflMfEs8ULb_lAkxevXQzrAM9N6LDg7s3cyquY5PEaq2TJPhMAxUrRJ3kTK0Yt7SLojlZoTLREHGHl-YEZXxGWjaKZs8FdTockKxHZOfeiBPN1dwYFsVxC0166GSR_vN2c7NBOmebKuHK8cLuNARbZlrqWAXAFM_ThR0L93wfoFnijbepWx4_Xa2rsE9TXCZF6XkKwpliT9nEukt0eBytjgElli_JKmkEA5vun12aV-c9wnOI52C_WxicF15cRrQpMOlsnhS7MLUqaH2GRPa-UxpLCMMYUEU7m5-geX-2UQU2dQdjwz2d5aNjDRkhVLq25oY7AvuhgOWpLOCDNC4M6VmgzSGYgiXpVaLZSGgCpYMUtrosMwHSfjRbDEKwwCNjftBHlP_4nir-Zrhs_PKV8IuGGPHB-QtoKwL-q_fh_RuIjSBXRNBB35iRLmdqwBkzn1No5Qmves-ve_9QuNDpxAg76ziae4qYZ8uizI4kXCNAcrlCfzG9fFqjtQgaPyVkp2MWnllp6gqhFAQd1Vz4UIOsbvyvf0BSH5B7PjCY_fmxUmYsJRQeU2QFgCxYEh7Sco1yoRz8aY_Se-bzXije5tumty2xsksKo_rVT49CEgdTgAX-j0xzeaeyOK-8--zx9M-OZRfCwg91u-rXCZOS5_bSlvVmoahs2QBUVozwcnH3IB7QVZTpMpsWmn3VcexFNx-MLflLG-3K_qkIc3UxBvyFf0osrIhPotBS88ZeAsOOKPsuipBlJJkgZ20ZDPcrFqFiQTcl1V0xflqLFZoSDgJprJQguiSdbU4JbAPCalJVRFyNr4VppH1_3r0hVChJzPeGzGqmmreymoxkApgacc9CIuILeyZLf8F0OcX_SwyKcwi1dTAwZc9QuejL0y5_3GS0dID1pYzevhg701sg2iDpxZGBTBJCDK9dzBpEBE_Vz1NPrFJwOl1OcNddeB6PHBQoRzFgUkHS1q9gd6hieC1TyNGtt_4tNrXg6vFh1XEJluxibGHkB38YGGCxw-bVGRwQXnK6YjnRIjUpMlQh90URI3vZbhZGno_8C2JwsJeqfiB6tO7f8oen096TQH9R0H0RYQP5QXAgQanKddfO0dAg9hLYYe05mA0ykn1NEqQjQUlCsnJYye0-eewIgy-HN-GkU5DfBg7pn3xeElmaMH9bhpD0SWGbT5IMIJjG7uuHDPpTO7xMrOakk7lFl3STGWBT6nFtvfV5AJAy7XeNdmmKi4lPV4tsDln-lz5y5CPghNAmy99jY3cm-8dg3GSJnB3jGVpwVWSi0nQTpv_f-Eu74a78SjgML9ww3Khzabd0MiSJsMg8fmj9mGBcpSUBlHBEForsHom695_0dIrwvr84cEUawQ2mWX-DZ_oaNz3NBAP68Aubphb7d9G5b5QGgVbqEMEVx5tNHGfX9SVpVNpfZhXYld7FCaVGyRO2hG7fUvc4pGivwDMWhRW-EKItohwvedcb9-aW9QeR3mlebX5626W80arPWgfEVqLpySAfsFHWrx7volJs86v1ivj675XvcI0EiRPjg0Gj8hRlix3qgvGIY3jISKSM4UWuYq6Q0UkDdjXZYSTnsTsH4W_IMgADK4LASTdqUMdxovohgGbkHrjpRezOzSFNoyMxxgRwY6E_DOXGA1m6ONeliUuul2sTfeQX19yPKf1wGHl4B_fAgj_I92WrKKyOWqqPKLbxpoO96FbrGhbYA7gscUqlZKWGyfJGitxtlHrD4H9pBtVNFLiVdEcfG0SGBJXMZNvR3UYhXCzMFCYXlViSTEG8lcQr9GYDUmxaXzPd9X3IwQ5iGfcRH6V_ns6az-FuDqMCOk-QFI6WAbDEl5E-NBeLafz9ZQ2RW013hrYTGrwIvMJc4V9zAp-rnOQK1GcNi_c1Cw_Qhr6EzCwXJFoRtthdRVLFoHrBj2nm0-LEQeYFZk5NJREQMmDa0_SQhXv31gtUbEOm2PiPgHIo2IuhttiB3qpI0vjCslGEMfb-8M2IjoRoxIzJdamxNAwXtSIhM3oUg4R_iFAbFLw8l5HBsv57X3v2P4V7Ershm4ZAfWcjLPrRVvD-SWGvhdYhjUx14tWDKtvkOUz2sfAL3XDlZ1mPlcRYEFvbVGbs7coZeUSIgLGLlW6t6c24z3AAF9qy5tJfmnqFsohsD4oBSmkfPkI87fkd__dIohMeUkk8wYQ4W-FgdMVX-q9yYREf5MyK8vcQ-giQ3mdITrAWA036OVairMu0lRBVOC52MKEgLnctrbqbGoyeHHdbYxk2x57HP0crM7mTb8skMvq_j5P-tniWgPgt7DQi8JJV3HnMmGUzZdCs2rHtJQ7Uu80f7uOnLoloY_4wbYib97lyt8kbjkonZp31dNzWEfwojxufLsYeE2BWq_wXCp4oKm4a8cx2STgEnKQs7J-RvzFEIJfMFkTKB_DZarC6YI65Mb8qoQ0rnoNYC-o0bFjcG3s8LvyBgzzD2Lr42cZe6lN7uO-GaLMeKX2Iuexd3XCIyWRdHPTj6inqwHC9lL-TKJNtewX-PJbcVWzAo70apznEWEU_M5rsClix_G4LwLjCiIu1UJ3Zx4F5plGkAnS3m2ttXiMIyFzXMhCOeA8YtyokXhL07Vb8XuoQuieUq6KFg2R-EyySfPh610Hb9v_zGl9ClKXWKcWuGgfPZDApiLjR5LGze8eHZDYQkHyZMWA69eTh42seKLuaUM02jTzij_Cad0He0QsXoSKg2scsrp9A-Dl6oP9yQXMrV7MTyjnsUIk8iisBb5JB491ei0BIBP7xl6WNORc9dW7hdDMazv4eX5Ru7fXuS-N7NqSc6L5b5ACh75Js0VPXplnZ_JPGLEwYqLFXEmkxWL7izsM3l1FkUgAkF-dmPscTLITufCQZq6SWNkdXItdEasJbaFknksyWxVU2POcw7UjIfisNkesCOhlQzG1l&cid=CAASEuRoZDHwgruIgMjVSlk0MaJDVg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 12:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 22 Oct 2022 12:07:07 GMT
Tur9ojG0vV6oVs6eQbM8vnIqh5nfygmkFN2qwhYKqJkQVqNIXWwZ2auMajYpsn7_yyTxpMmF70wdV29p6UPm7ERbhTPFekmfZAbqdYqlUw=w300-h250-n
s2.2mdn.net/proxy/ Frame 86E7 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.2mdn.net/proxy/Tur9ojG0vV6oVs6eQbM8vnIqh5nfygmkFN2qwhYKqJkQVqNIXWwZ2auMajYpsn7_yyTxpMmF70wdV29p6UPm7ERbhTPFekmfZAbqdYqlUw=w300-h250-n
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
fife /
Resource Hash
71fc391acf67f1d522973e5358f7c3d46153b8b04260704f889f0ce109e24acb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:02:55 GMT
x-content-type-options
nosniff
server
fife
age
6989
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29633
x-xss-protection
0
expires
Sun, 24 Oct 2021 07:02:55 GMT
x360
s1.dmcdn.net/v/KzGST1VtGEwJZ9599/ Frame B3DA 		25 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/KzGST1VtGEwJZ9599/x360
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/2 /
Resource Hash
1c29441894cea0f4a6cea7e9929906680fb09fcf678a05becdc545a44acaea22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 19:47:23 GMT
server
DMS/2
age
47521
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
server-timing
total;dur=35, dc;desc="dc3"
timing-allow-origin
*
content-length
24379
x-llid
637761a732a5d89fb1f8a9790d7ff2e0
expires
Fri, 29 Oct 2021 19:47:23 GMT
recommendations.get
mb.taboola.com/server/1.1/jpg/liveintent-ron-row/ Frame 9545
Redirect Chain
  • https://feedads.feedblitz.com/i/300x250/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51043
  • https://spsec.feedblitz.com/imp?s=51043&t=newsletter&sz=300x250&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=51043&t=newsletter&sz=300x250&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc3...
  • https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=81e25985-0f29-3367-9...
250 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=81e25985-0f29-3367-93ea-27cc5a453026&widget.placement=51043&widget.slot=1&widget.mode=mobile-marquee&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=216.131.114.199&widget.alternative=Phone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fba49434693799332c3cbf2e81e92319647efeaf43dfa6133ab4b0cebfdb4fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
via
1.1 varnish
server
nginx
x-timer
S1634979566.897688,VS0,VE362
x-served-by
cache-fra19127-FRA
x-cache
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
256222
x-application-context
application:fe,capture-cache-remote-hz,capture-remote-hz:8080
x-cache-hits
0

Redirect headers

Location
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=81e25985-0f29-3367-93ea-27cc5a453026&widget.placement=51043&widget.slot=1&widget.mode=mobile-marquee&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=216.131.114.199&widget.alternative=Phone
Date
Sat, 23 Oct 2021 08:59:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
748eecd6d04c4e3685ed53fca32678d6
i.liadm.com/s/e/1267/0/ Frame 9545
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51044
  • https://spsec.feedblitz.com/imp?s=51044&t=newsletter&sz=1x1&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=51044&t=newsletter&sz=1x1&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301ba...
  • https://i.liadm.com/s/section/51044?m=8806bb04f086720ce5a60ebc3760dafc&sh1=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&sh2=&source=safe_rtb
  • https://i.liadm.com/s/section/51044?sh2=&source=safe_rtb&m=8806bb04f086720ce5a60ebc3760dafc&_li_chk=true&sh1=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&previous_uuid=925823fe49ff40e5a1a0eb64b1f405b2
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F1267%2F0%2F748eecd6d04c4e3685ed53fca32678d6%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&925823fe-49ff-40e5-a1a0-eb64b...
  • https://i.liadm.com/s/e/1267/0/748eecd6d04c4e3685ed53fca32678d6?mpid=7156&muid=36dd6173-ceee-4100-818e-e72d2ea43106
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/1267/0/748eecd6d04c4e3685ed53fca32678d6?mpid=7156&muid=36dd6173-ceee-4100-818e-e72d2ea43106
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.152.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-152-8.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:25 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
03de01dc11f2b934
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Sat, 23 Oct 2021 08:59:26 GMT
Server
MT3 4044 0c7f252 master cdg-pixel-x6 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/1267/0/748eecd6d04c4e3685ed53fca32678d6?mpid=7156&muid=36dd6173-ceee-4100-818e-e72d2ea43106
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 23 Oct 2021 08:59:25 GMT
51045
i6.liadm.com/s/section/ Frame 9545
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51045
  • https://spsec.feedblitz.com/imp?s=51045&t=newsletter&sz=1x1&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=51045&t=newsletter&sz=1x1&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301ba...
  • https://i6.liadm.com/s/section/51045?m=8806bb04f086720ce5a60ebc3760dafc&sh1=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&sh2=&source=safe_rtb
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/section/51045?m=8806bb04f086720ce5a60ebc3760dafc&sh1=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&sh2=&source=safe_rtb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.192.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-192-101.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:26 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
bc23fdb4b50f9285
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/section/51045?m=8806bb04f086720ce5a60ebc3760dafc&sh1=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&sh2=&source=safe_rtb
Date
Sat, 23 Oct 2021 08:59:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
94c8cd36dc1428947beeb6283056d111.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/ Frame 9545
Redirect Chain
  • https://feedads.feedblitz.com/i/116x15/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/44782
  • https://spsec.feedblitz.com/imp?s=44782&t=newsletter&sz=116x15&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=44782&t=newsletter&sz=116x15&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc30...
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.230 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-230.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:25 GMT
Last-Modified
Tue, 06 Aug 2019 20:24:36 GMT
Server
AmazonS3
x-amz-request-id
D97D81VAR2573A3S
ETag
"6956da20f9d008ec379926ee358e5594"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1255
x-amz-id-2
e6ZyE1BrrLeXKTYAnhXDvlr8DMRn/MHuBN+o1LSbXo7824ovhU2gm6bTqN91tguaSSKz+5k3l+c=

Redirect headers

Location
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Date
Sat, 23 Oct 2021 08:59:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
610d3e8fea8a3752ada74ad0668f5b97.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/ Frame 9545
Redirect Chain
  • https://feedads.feedblitz.com/i/19x15/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/96007
  • https://spsec.feedblitz.com/imp?s=96007&t=newsletter&sz=19x15&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=96007&t=newsletter&sz=19x15&li=78507355&m=8806bb04f086720ce5a60ebc3760dafc&sh=69bd30b9720ba4bfadd227a06b8e430efd2c91fa&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301...
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/610d3e8fea8a3752ada74ad0668f5b97.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/610d3e8fea8a3752ada74ad0668f5b97.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.230 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-230.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6582ac9001c322e1d97de3bec72bd7f8af1a8f80b98e4d6db1ac07f52ee78e1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:25 GMT
Last-Modified
Wed, 17 Feb 2016 22:44:11 GMT
Server
AmazonS3
x-amz-request-id
FZXJ79KME2JHK5MW
ETag
"dc4dc461c71bf6ee5ab2e57ad7b87651"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1733
x-amz-id-2
7+pmR7HdgxURf3QLaiChF+CSqZ4bMLBWk3YDDP/N5Utydn2nLKqEk38v25Kp/pEaTfsIl4fBcbM=

Redirect headers

Location
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/610d3e8fea8a3752ada74ad0668f5b97.png
Date
Sat, 23 Oct 2021 08:59:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
branding-icon.png
feed.mikle.com/images/ Frame 9545 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feed.mikle.com/images/branding-icon.png?v=1580871352
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.100.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-100-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2608889fe1fc07e81dbb2ba0131ef3141484a03213a872b393cc5750b43d4650
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/widget/v2/3740/?id=fw-iframe943093140null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 02:55:52 GMT
server
nginx
etag
W/"5e3a2eb8-928"
content-type
image/png
cache-control
max-age=315360000
x-xss-protection
0
expires
Thu, 31 Dec 2037 23:55:55 GMT
x360
s2.dmcdn.net/v/Kulsu1VtGEvMPzh7A/ Frame A74B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/Kulsu1VtGEvMPzh7A/x360
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.64 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-64.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
0c048a984b6e07f7610f2ee6451e47590308f6902f90639a2ec23174102bda5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
last-modified
Thu, 21 Oct 2021 23:18:59 GMT
server
DMS/2
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}, {"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}, {"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
image/jpeg
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="ix7"
timing-allow-origin
*
content-length
26249
expires
Sat, 23 Oct 2021 15:50:42 GMT
/
pebed.dm-event.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Origin
https://www.dailymotion.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Server
edward-ed/2.2.1
Date
Sat, 23 Oct 2021 08:59:24 GMT
Content-Length
0
/
pebed.dm-event.net/ Frame A74B 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendor.f3aa841d61face627810.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/embed/video/x5smq48
Accept-Language
de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 08:59:24 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
cast_sender.js
www.gstatic.com/eureka/clank/93/ Frame B3DA 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/93/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 11:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15346
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 17:05:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Sat, 23 Oct 2021 11:28:47 GMT
x360
s1.dmcdn.net/v/KzGUg1VtGEwMXkHhC/ Frame B334 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/KzGUg1VtGEwMXkHhC/x360
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/2 /
Resource Hash
e44edab370097d8fde67cc1489439bfac3b25c7af68f1cb48b0f8372e3809e93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 18:03:42 GMT
server
DMS/2
age
53742
vary
Accept-Encoding
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
server-timing
total;dur=141, dc;desc="dc3"
timing-allow-origin
*
content-length
44002
x-llid
d4e936ddfbc33993507b94620a9b590e
expires
Fri, 29 Oct 2021 18:03:42 GMT
/
pebed.dm-event.net/ Frame B334 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendor.f3aa841d61face627810.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
Accept-Language
de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 08:59:24 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
pebed.dm-event.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Origin
https://www.dailymotion.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Server
edward-ed/2.2.1
Date
Sat, 23 Oct 2021 08:59:24 GMT
Content-Length
0
cast_sender.js
www.gstatic.com/eureka/clank/93/ Frame A74B 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/93/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5smq48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 11:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15346
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 17:05:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Sat, 23 Oct 2021 11:28:47 GMT
RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
static1.dmcdn.net/playerv5/fonts/ Frame B3DA 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/fonts/RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc271
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:24 GMT
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
442802
server-timing
total;dur=1, dc;desc="dc3"
content-length
36812
last-modified
Thu, 14 Oct 2021 12:40:30 GMT
server
DMS/1.0.42
etag
"6168253e-8fcc"
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
2a58531ca92e12ec59c0387e325a0655
expires
Wed, 17 Nov 2021 05:59:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame A9BA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuQ4pOjNUlk0ajsAV9V7cHYCgbxMAbVxiH8Xta5Kzar_IuZUkiCJZCiW9QAc-ktWVyubMP8Do6sXWKKH0FxeX6Tp8UWLRnpFBZlXwhr6wq0OM2OKKpjapB00AWwfKmgGoNPnBi3cpHt1nCnL0PiI-cc7dBaw&dbm_d=AKAmf-CXWPkADhMUM3kVhXw4XXfN38fbLL0YRqzIZSMXGyCMeJwxIXGefijEEsOs4eZzGJXQ47SDC8ukX9xXTpxzUFHBU95ZO7mFzsEDEb_hMRyHZEsQ_UD2pqUyyYTpw2qmHJlZGoZEx-bgmUaYsxw0Yels7_8HsUY_8BOmiWfsAv1dZZDfjkaJ2xD7CVKIgEMjLqBjoiLAgXL1sWzluekweSQlswlaoo1s3kLf9TtmjnccOuhCSYvbJG346qf7R5Y2Tj9EJooouNVNEGtyg1INN8AodA0ntLNnZvYZua3cOY03vXURCa3PSYKH3N0uT0hz5MgpxoLaWcaF2usOIUaRlEbArT7aSPLVGIsXUoFJAXHuo51CVuv4puygXLSJq5S6jYDUqehe1-vkLOHTYhzl6Owca0zctkKORdIyUHDiMR-bHxRZifjMCsldxoO5FnsrCSE55B2JgwrXrTHwGrbAiuJ7AiuKX_5h-HlNQexltRZLqFYOxQrgkzNv3jBoA3tuKUJmGkSX98qgOArPT2YWz7b1V1fuC3qNLS3ZFYgWwftS8J_5zkeQ_s5Hvob_rGIZSCiBxhaugi4yLOuKs6pM6QWC99e1k6h9vagpDbzjc0BT8htITcGBiwhhpJkBefa_WvsUoCrWLdvfnkQRLupPORbhIoePu0tR53IGJj54OtzJkZ9DGZP41niVBL4V0afY8ognF6NckkNJk7L46h7LCajNlz7SeWBUmDDAHLv8dxhmXS3EKmX8B_wvK8ztt3KNMtNaXfNFCVDcCWwxVxyVXgLQfXEXpVJJD27t5d7p7OBNcFjafiJQjlps2E2ZH7jaYuAKEon_FYgLbHsh_ziZNvQWD8L_JtK8Jjk7-VT2myYByr-0c4vnvZDBId9rGCeb5qFGcnUwgEF9E_LPQCyDBZjuIOOeeVgnA0JR4HXnusSlNmRsmyK-k8klJzvtzH_Ur-ifWFBReB9LblXCwXlaKszgTA0Zp0OeQlAoIpOEcmnNupFTNxucH3hU2FsD3t-oExStftQCauypkMlFfbk98sLG2OwTY-SvUtQSG_XFmaH30OfQI53ATnFyHCoywNLP47J7Qd6YCtTBT7mHP9bVvH4xNhV4vlYPQHxSK3Gi7vkAivE1Q1rTwZ_1ntub7iY86ZIc3uuKu_rXksSddUEpnMwYtBKR_R6pJXxM1jWPh8GkiUz_r2Jbx2MYxVXf8cmF7VpcfWTBdnHAVHIkUqgK1O8FzRkwaaQWf_3BjHZsiHzenIuBKIJ8JzkYwmaJMsJBx1kWxmO9aOQtFANnwZ4735iyx8JM_5in9KLn9pbBpMVbLFDuzj-g5G63nIvEtzFHpYCrxfBtio9LEaw1cV1vA68rCX-r3te0_l2dIN-Fcljnr4ps18UkFL5zxWQ32Cx9Qs-zpMC8tuetnI4tK7urXrRVhiR7IYLz4kyzYaI0I0req6stpJ8CPSv2bRnmfysuIy2nJAmnLu3VG9N7XDO4SrFwEhbCfUFk8i4Dxiq0QH8wxN1_VodfzHi3pxIA4GPJzDWO7-iUZXBlI2P7HXRL6waKBDVo67FlalxOoxzi7IyspM9W__VMNM-XA7AZEcl8u_-WkD5IdVSUiHHzk6i0n7bKTq82IIINanE9gOFez5xHYlol5bfA0XPiPvkWGd1a_WWB91l2zMU3UAOzqpIJvz1ynT_32eqcgfZocxMksLZqATv-b3Nj6ZLQXPCAPUUUGvzCBql2yveEgJyBE9hGZjXukN1zkVqxr9hoViok59fTghgB6Nyvm8doa_uykG97FRHBM8CE0QkTMRd7t38XgcUx1M9cE7VUOc6O-SSRXPBV-19RFoWXzRp1WNAiXeXHBAVdnXHvFAyQTXTLiSb4LhUcOWDIjv6v2qvEqHj6eHqdi6wvsUNPb_5D3cG86XBfAlAOaMjlBVhEiciSMHQWtVi1qEDPJcI7wVTqij2zLT5yfI5Q_Ed3BDBmwWyqYxQ4rI6Dgc-rG1wQ1kXclvwMpGZcr5mfY6f6xlZ_ZwTstm_I7iNEluLUG30Pl5hmoLoexeYNloMzsd_R9MSQ24kta72QQCxwkh-BEfkFVQIEVWEf0TypZSz7TmZNeyPQIdEQhVp4u8_VvlgJG42l7Kdag4G38_Xb0dU8ayJeuxF3o369oPpuqofKgBIel9NFFuwQHXkGi2uBi3QiofPkQ4Uc3nlMIwocLCY6hfu4bjxTT6ebU993SKMdmjwCLSultcaBVnszOu7LbdZ1bV_-TaQlVYdl1ZajTEIkNKGyUjrhLJ2xKsN-ZbyQL256PnMKjG2EzwuhrnMn9XigPVOfjv0caHK_uFmqXh1WvqXrHBCrFSBG5SiNKWa8BVAJadjCW-dPuWdKM0C2Mvu_o2Ben8KlHeRtNk4BKXtbovurHXChEjjWo1Lysrk6pESE-m_fi55Djv_Jv9bfy5shyjuNStYkJc8txhyrFEraoSK2MHGzMudvahutuzJdom4OQXap0Xn_CNhe6FRyrW5i9TWaqoyLDQ257YCVJPoEzd4b1VfruziIzOWtHI6tWnKgYRUZPVb8fZBWwhyBqPowSPxnmqObxFHvIhPR38KHu03ewk7IZZ75YLMuxvJ_3eKDBpnNA_Jhw7izPXcLT9pqs54RwAPuJmeMZWNStVLH7C8eBm18vi1hwdkgOXJh4QAiOL_iCmQdBN78nAUJLg4uWD2dffHVnRHJgRKCB4RPk69cBZPtTvfYPfw460Q7G0WcVOfpWFXBcIMmHLbtTQk8lM6keIaDNPZBmBnBYUYFXiyohVUBD0e4p5fz3KAz7C5XHgtXpQYIprp6nIkc1bZhAcvxR5ObHeFxHUX6yCAzIwqA3IOhM6XADypIpMrX4JtJycmwkTTaaPRn0280G4PTEFsAmSSDWIw-DF0HUNUarF_CuIHpQEPwoBqysF-nipmHKr1OgBE59NVi1h_AWzGf1SIlP6QEey8tJAanKrut0Cm6oCfW6BqjKc3DNRTqVg0i_4Z91dnvpc7B_AfHTrBZykB-kn99PtyNoLytmdytXR7hxc2FWys85B_eiL6v_8i1bZ-lhSdA57vlJEheWi-SXFvYnwbkSghAfLCQPt73S1XPhTWZIskU4DbSlsGYDW311-QpqxIGdWtlxSVwDqcB4Y-09jCHAwinsqw96nwOjRyjLW9Ea6W0Tl0ghXC91_vG3-409JpZqyMwqyU8&cid=CAASEuRoj07_Euu3tneM-l9nFC-ZKg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9298
x-xss-protection
0
server
cafe
etag
5575107075035495308
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:44 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame A9BA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuQ4pOjNUlk0ajsAV9V7cHYCgbxMAbVxiH8Xta5Kzar_IuZUkiCJZCiW9QAc-ktWVyubMP8Do6sXWKKH0FxeX6Tp8UWLRnpFBZlXwhr6wq0OM2OKKpjapB00AWwfKmgGoNPnBi3cpHt1nCnL0PiI-cc7dBaw&dbm_d=AKAmf-CXWPkADhMUM3kVhXw4XXfN38fbLL0YRqzIZSMXGyCMeJwxIXGefijEEsOs4eZzGJXQ47SDC8ukX9xXTpxzUFHBU95ZO7mFzsEDEb_hMRyHZEsQ_UD2pqUyyYTpw2qmHJlZGoZEx-bgmUaYsxw0Yels7_8HsUY_8BOmiWfsAv1dZZDfjkaJ2xD7CVKIgEMjLqBjoiLAgXL1sWzluekweSQlswlaoo1s3kLf9TtmjnccOuhCSYvbJG346qf7R5Y2Tj9EJooouNVNEGtyg1INN8AodA0ntLNnZvYZua3cOY03vXURCa3PSYKH3N0uT0hz5MgpxoLaWcaF2usOIUaRlEbArT7aSPLVGIsXUoFJAXHuo51CVuv4puygXLSJq5S6jYDUqehe1-vkLOHTYhzl6Owca0zctkKORdIyUHDiMR-bHxRZifjMCsldxoO5FnsrCSE55B2JgwrXrTHwGrbAiuJ7AiuKX_5h-HlNQexltRZLqFYOxQrgkzNv3jBoA3tuKUJmGkSX98qgOArPT2YWz7b1V1fuC3qNLS3ZFYgWwftS8J_5zkeQ_s5Hvob_rGIZSCiBxhaugi4yLOuKs6pM6QWC99e1k6h9vagpDbzjc0BT8htITcGBiwhhpJkBefa_WvsUoCrWLdvfnkQRLupPORbhIoePu0tR53IGJj54OtzJkZ9DGZP41niVBL4V0afY8ognF6NckkNJk7L46h7LCajNlz7SeWBUmDDAHLv8dxhmXS3EKmX8B_wvK8ztt3KNMtNaXfNFCVDcCWwxVxyVXgLQfXEXpVJJD27t5d7p7OBNcFjafiJQjlps2E2ZH7jaYuAKEon_FYgLbHsh_ziZNvQWD8L_JtK8Jjk7-VT2myYByr-0c4vnvZDBId9rGCeb5qFGcnUwgEF9E_LPQCyDBZjuIOOeeVgnA0JR4HXnusSlNmRsmyK-k8klJzvtzH_Ur-ifWFBReB9LblXCwXlaKszgTA0Zp0OeQlAoIpOEcmnNupFTNxucH3hU2FsD3t-oExStftQCauypkMlFfbk98sLG2OwTY-SvUtQSG_XFmaH30OfQI53ATnFyHCoywNLP47J7Qd6YCtTBT7mHP9bVvH4xNhV4vlYPQHxSK3Gi7vkAivE1Q1rTwZ_1ntub7iY86ZIc3uuKu_rXksSddUEpnMwYtBKR_R6pJXxM1jWPh8GkiUz_r2Jbx2MYxVXf8cmF7VpcfWTBdnHAVHIkUqgK1O8FzRkwaaQWf_3BjHZsiHzenIuBKIJ8JzkYwmaJMsJBx1kWxmO9aOQtFANnwZ4735iyx8JM_5in9KLn9pbBpMVbLFDuzj-g5G63nIvEtzFHpYCrxfBtio9LEaw1cV1vA68rCX-r3te0_l2dIN-Fcljnr4ps18UkFL5zxWQ32Cx9Qs-zpMC8tuetnI4tK7urXrRVhiR7IYLz4kyzYaI0I0req6stpJ8CPSv2bRnmfysuIy2nJAmnLu3VG9N7XDO4SrFwEhbCfUFk8i4Dxiq0QH8wxN1_VodfzHi3pxIA4GPJzDWO7-iUZXBlI2P7HXRL6waKBDVo67FlalxOoxzi7IyspM9W__VMNM-XA7AZEcl8u_-WkD5IdVSUiHHzk6i0n7bKTq82IIINanE9gOFez5xHYlol5bfA0XPiPvkWGd1a_WWB91l2zMU3UAOzqpIJvz1ynT_32eqcgfZocxMksLZqATv-b3Nj6ZLQXPCAPUUUGvzCBql2yveEgJyBE9hGZjXukN1zkVqxr9hoViok59fTghgB6Nyvm8doa_uykG97FRHBM8CE0QkTMRd7t38XgcUx1M9cE7VUOc6O-SSRXPBV-19RFoWXzRp1WNAiXeXHBAVdnXHvFAyQTXTLiSb4LhUcOWDIjv6v2qvEqHj6eHqdi6wvsUNPb_5D3cG86XBfAlAOaMjlBVhEiciSMHQWtVi1qEDPJcI7wVTqij2zLT5yfI5Q_Ed3BDBmwWyqYxQ4rI6Dgc-rG1wQ1kXclvwMpGZcr5mfY6f6xlZ_ZwTstm_I7iNEluLUG30Pl5hmoLoexeYNloMzsd_R9MSQ24kta72QQCxwkh-BEfkFVQIEVWEf0TypZSz7TmZNeyPQIdEQhVp4u8_VvlgJG42l7Kdag4G38_Xb0dU8ayJeuxF3o369oPpuqofKgBIel9NFFuwQHXkGi2uBi3QiofPkQ4Uc3nlMIwocLCY6hfu4bjxTT6ebU993SKMdmjwCLSultcaBVnszOu7LbdZ1bV_-TaQlVYdl1ZajTEIkNKGyUjrhLJ2xKsN-ZbyQL256PnMKjG2EzwuhrnMn9XigPVOfjv0caHK_uFmqXh1WvqXrHBCrFSBG5SiNKWa8BVAJadjCW-dPuWdKM0C2Mvu_o2Ben8KlHeRtNk4BKXtbovurHXChEjjWo1Lysrk6pESE-m_fi55Djv_Jv9bfy5shyjuNStYkJc8txhyrFEraoSK2MHGzMudvahutuzJdom4OQXap0Xn_CNhe6FRyrW5i9TWaqoyLDQ257YCVJPoEzd4b1VfruziIzOWtHI6tWnKgYRUZPVb8fZBWwhyBqPowSPxnmqObxFHvIhPR38KHu03ewk7IZZ75YLMuxvJ_3eKDBpnNA_Jhw7izPXcLT9pqs54RwAPuJmeMZWNStVLH7C8eBm18vi1hwdkgOXJh4QAiOL_iCmQdBN78nAUJLg4uWD2dffHVnRHJgRKCB4RPk69cBZPtTvfYPfw460Q7G0WcVOfpWFXBcIMmHLbtTQk8lM6keIaDNPZBmBnBYUYFXiyohVUBD0e4p5fz3KAz7C5XHgtXpQYIprp6nIkc1bZhAcvxR5ObHeFxHUX6yCAzIwqA3IOhM6XADypIpMrX4JtJycmwkTTaaPRn0280G4PTEFsAmSSDWIw-DF0HUNUarF_CuIHpQEPwoBqysF-nipmHKr1OgBE59NVi1h_AWzGf1SIlP6QEey8tJAanKrut0Cm6oCfW6BqjKc3DNRTqVg0i_4Z91dnvpc7B_AfHTrBZykB-kn99PtyNoLytmdytXR7hxc2FWys85B_eiL6v_8i1bZ-lhSdA57vlJEheWi-SXFvYnwbkSghAfLCQPt73S1XPhTWZIskU4DbSlsGYDW311-QpqxIGdWtlxSVwDqcB4Y-09jCHAwinsqw96nwOjRyjLW9Ea6W0Tl0ghXC91_vG3-409JpZqyMwqyU8&cid=CAASEuRoj07_Euu3tneM-l9nFC-ZKg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
366
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:53:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A9BA 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsul369BRT5Z9lo1uIs3or3ITFtP_d7HS81dehhfAL4H1YCpXmuIOS6_qe2tPgGb63tMuY4-LCYrOoyA6XLhng0jcZ6o1Blfug2ROeuWuDNiRG9zS6oPfGEGF4Hib2pw62PGo4F4z4GqH5GOfNtLqCoKvO5rL7dbLTdxWbf23Dgx7jl-LvtNJpTxWZ0i13_74mxaqMmR-X0LAOXf5JdpVUE0sS_VbrGuG1Kp4NP2Qnd5pGWVxHjLKSiot9I0mcWGwKajtds0Af2rzyIXLM-FI96B3s4Ry49N6-EjzwQirl3S7DnDOhfpJne2-d6GDhY52BReVklDlnlWnmQwB3wrFNIpOBe3KpCy0bHNRsm29LnmLQu4SY4ejmg4jnB_JulO52bB1zvrpw6nNgJO8EUpYsKk2UJ2axQCssJXilhG5eUVMolNJEXm1ydF8rWhrhAb2tlGcR_FCptuPzdMuJrO-Y5eRVj8AavPV09ZCsbOenQvr6Tde20_bPQ_DOR_mAr7JPxQvg1oufrjN8b6Ur_Gpbmkzms9-YyZs3-mTvKo4jEWFD7NT4efGgAoKiFcA3SKcK7ZcKPi4tU54alFfe-Q-59gOmHeXThTAJF3SsI3HJd-FZp7AZ23Ww4x21iqDnOcch2LBvSxVm-FvtHVs2rv0Co3KHf75kbCrrEuxHLVYZ0yUB9rx5QFwc_Y-OaAhCo1Hb_bD3jGqY7-Tiuls5tlohKuANDLwMrsmQjtul0NBKcYJLC8FSlUZdaZrOzrKVHKjjKkY0ntz-FejQKkQEygzt6fk7EfAkIk9CCzGDsB8q2fz4ezz8CtqpalgcHK7u7aJEgETeOFhaXg_xffs89agqbdnynB0MD9InBq1tYa-lahhxcZ9xrwHH8Muj4_kGMnY8sk1xMbhwSHPJr1jYbNHBpr9Pu4uSGc7v-nr0O703MI1AuhKWPTxn-o3CZvaJaWIvIhE0B7d6Zx5KUuLAcCQpTEzuT8VEHeXapcGu99_g8IxUitAaGe4z_367Phvy-8icQGxgXTjnC_oHbra3-2sU5SuaM5MYCOkYdcDl8Ysqs5Kk_NjPdW-qegGXCzgD1AanqAk6szT-8fKRUGbV8oJQ4XirMCyq9Gb4vCZmww6O2jBA90bHyIr6i4T7ZfGf9ePne_7Oeh3FTXui235Cuv7sW0paE3OUrl051ey-MggfScS4d1YVvFzGwWK99p3mXt38-ujZBeXf9ilcXfzPDljL04gtiVWDqDXIOODgu9zg5YKo9MNSaPDP2IPyJGOnAnVZ7BwG2b8HBXK3hTb7mkDjpWwqWF89A_kl_t&sai=AMfl-YRXW9QNsH0d7wQZ0lo7g36O616nL5HOOKm_YlAGoGEmFktnth3UQQr3HpFezOk_JEUy3iNuC_QnDLyVtznWbFoVkmpH4oJYCltbUnmMFHetv21N_EftNkHK80UoCMaqhee2aKQKzETvoyC03dSXm9u6J-tBnw&sig=Cg0ArKJSzGBjzYcWXQcoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211020.42268&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuQ4pOjNUlk0ajsAV9V7cHYCgbxMAbVxiH8Xta5Kzar_IuZUkiCJZCiW9QAc-ktWVyubMP8Do6sXWKKH0FxeX6Tp8UWLRnpFBZlXwhr6wq0OM2OKKpjapB00AWwfKmgGoNPnBi3cpHt1nCnL0PiI-cc7dBaw&dbm_d=AKAmf-CXWPkADhMUM3kVhXw4XXfN38fbLL0YRqzIZSMXGyCMeJwxIXGefijEEsOs4eZzGJXQ47SDC8ukX9xXTpxzUFHBU95ZO7mFzsEDEb_hMRyHZEsQ_UD2pqUyyYTpw2qmHJlZGoZEx-bgmUaYsxw0Yels7_8HsUY_8BOmiWfsAv1dZZDfjkaJ2xD7CVKIgEMjLqBjoiLAgXL1sWzluekweSQlswlaoo1s3kLf9TtmjnccOuhCSYvbJG346qf7R5Y2Tj9EJooouNVNEGtyg1INN8AodA0ntLNnZvYZua3cOY03vXURCa3PSYKH3N0uT0hz5MgpxoLaWcaF2usOIUaRlEbArT7aSPLVGIsXUoFJAXHuo51CVuv4puygXLSJq5S6jYDUqehe1-vkLOHTYhzl6Owca0zctkKORdIyUHDiMR-bHxRZifjMCsldxoO5FnsrCSE55B2JgwrXrTHwGrbAiuJ7AiuKX_5h-HlNQexltRZLqFYOxQrgkzNv3jBoA3tuKUJmGkSX98qgOArPT2YWz7b1V1fuC3qNLS3ZFYgWwftS8J_5zkeQ_s5Hvob_rGIZSCiBxhaugi4yLOuKs6pM6QWC99e1k6h9vagpDbzjc0BT8htITcGBiwhhpJkBefa_WvsUoCrWLdvfnkQRLupPORbhIoePu0tR53IGJj54OtzJkZ9DGZP41niVBL4V0afY8ognF6NckkNJk7L46h7LCajNlz7SeWBUmDDAHLv8dxhmXS3EKmX8B_wvK8ztt3KNMtNaXfNFCVDcCWwxVxyVXgLQfXEXpVJJD27t5d7p7OBNcFjafiJQjlps2E2ZH7jaYuAKEon_FYgLbHsh_ziZNvQWD8L_JtK8Jjk7-VT2myYByr-0c4vnvZDBId9rGCeb5qFGcnUwgEF9E_LPQCyDBZjuIOOeeVgnA0JR4HXnusSlNmRsmyK-k8klJzvtzH_Ur-ifWFBReB9LblXCwXlaKszgTA0Zp0OeQlAoIpOEcmnNupFTNxucH3hU2FsD3t-oExStftQCauypkMlFfbk98sLG2OwTY-SvUtQSG_XFmaH30OfQI53ATnFyHCoywNLP47J7Qd6YCtTBT7mHP9bVvH4xNhV4vlYPQHxSK3Gi7vkAivE1Q1rTwZ_1ntub7iY86ZIc3uuKu_rXksSddUEpnMwYtBKR_R6pJXxM1jWPh8GkiUz_r2Jbx2MYxVXf8cmF7VpcfWTBdnHAVHIkUqgK1O8FzRkwaaQWf_3BjHZsiHzenIuBKIJ8JzkYwmaJMsJBx1kWxmO9aOQtFANnwZ4735iyx8JM_5in9KLn9pbBpMVbLFDuzj-g5G63nIvEtzFHpYCrxfBtio9LEaw1cV1vA68rCX-r3te0_l2dIN-Fcljnr4ps18UkFL5zxWQ32Cx9Qs-zpMC8tuetnI4tK7urXrRVhiR7IYLz4kyzYaI0I0req6stpJ8CPSv2bRnmfysuIy2nJAmnLu3VG9N7XDO4SrFwEhbCfUFk8i4Dxiq0QH8wxN1_VodfzHi3pxIA4GPJzDWO7-iUZXBlI2P7HXRL6waKBDVo67FlalxOoxzi7IyspM9W__VMNM-XA7AZEcl8u_-WkD5IdVSUiHHzk6i0n7bKTq82IIINanE9gOFez5xHYlol5bfA0XPiPvkWGd1a_WWB91l2zMU3UAOzqpIJvz1ynT_32eqcgfZocxMksLZqATv-b3Nj6ZLQXPCAPUUUGvzCBql2yveEgJyBE9hGZjXukN1zkVqxr9hoViok59fTghgB6Nyvm8doa_uykG97FRHBM8CE0QkTMRd7t38XgcUx1M9cE7VUOc6O-SSRXPBV-19RFoWXzRp1WNAiXeXHBAVdnXHvFAyQTXTLiSb4LhUcOWDIjv6v2qvEqHj6eHqdi6wvsUNPb_5D3cG86XBfAlAOaMjlBVhEiciSMHQWtVi1qEDPJcI7wVTqij2zLT5yfI5Q_Ed3BDBmwWyqYxQ4rI6Dgc-rG1wQ1kXclvwMpGZcr5mfY6f6xlZ_ZwTstm_I7iNEluLUG30Pl5hmoLoexeYNloMzsd_R9MSQ24kta72QQCxwkh-BEfkFVQIEVWEf0TypZSz7TmZNeyPQIdEQhVp4u8_VvlgJG42l7Kdag4G38_Xb0dU8ayJeuxF3o369oPpuqofKgBIel9NFFuwQHXkGi2uBi3QiofPkQ4Uc3nlMIwocLCY6hfu4bjxTT6ebU993SKMdmjwCLSultcaBVnszOu7LbdZ1bV_-TaQlVYdl1ZajTEIkNKGyUjrhLJ2xKsN-ZbyQL256PnMKjG2EzwuhrnMn9XigPVOfjv0caHK_uFmqXh1WvqXrHBCrFSBG5SiNKWa8BVAJadjCW-dPuWdKM0C2Mvu_o2Ben8KlHeRtNk4BKXtbovurHXChEjjWo1Lysrk6pESE-m_fi55Djv_Jv9bfy5shyjuNStYkJc8txhyrFEraoSK2MHGzMudvahutuzJdom4OQXap0Xn_CNhe6FRyrW5i9TWaqoyLDQ257YCVJPoEzd4b1VfruziIzOWtHI6tWnKgYRUZPVb8fZBWwhyBqPowSPxnmqObxFHvIhPR38KHu03ewk7IZZ75YLMuxvJ_3eKDBpnNA_Jhw7izPXcLT9pqs54RwAPuJmeMZWNStVLH7C8eBm18vi1hwdkgOXJh4QAiOL_iCmQdBN78nAUJLg4uWD2dffHVnRHJgRKCB4RPk69cBZPtTvfYPfw460Q7G0WcVOfpWFXBcIMmHLbtTQk8lM6keIaDNPZBmBnBYUYFXiyohVUBD0e4p5fz3KAz7C5XHgtXpQYIprp6nIkc1bZhAcvxR5ObHeFxHUX6yCAzIwqA3IOhM6XADypIpMrX4JtJycmwkTTaaPRn0280G4PTEFsAmSSDWIw-DF0HUNUarF_CuIHpQEPwoBqysF-nipmHKr1OgBE59NVi1h_AWzGf1SIlP6QEey8tJAanKrut0Cm6oCfW6BqjKc3DNRTqVg0i_4Z91dnvpc7B_AfHTrBZykB-kn99PtyNoLytmdytXR7hxc2FWys85B_eiL6v_8i1bZ-lhSdA57vlJEheWi-SXFvYnwbkSghAfLCQPt73S1XPhTWZIskU4DbSlsGYDW311-QpqxIGdWtlxSVwDqcB4Y-09jCHAwinsqw96nwOjRyjLW9Ea6W0Tl0ghXC91_vG3-409JpZqyMwqyU8&cid=CAASEuRoj07_Euu3tneM-l9nFC-ZKg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 23 Oct 2021 08:59:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A9BA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuQ4pOjNUlk0ajsAV9V7cHYCgbxMAbVxiH8Xta5Kzar_IuZUkiCJZCiW9QAc-ktWVyubMP8Do6sXWKKH0FxeX6Tp8UWLRnpFBZlXwhr6wq0OM2OKKpjapB00AWwfKmgGoNPnBi3cpHt1nCnL0PiI-cc7dBaw&dbm_d=AKAmf-CXWPkADhMUM3kVhXw4XXfN38fbLL0YRqzIZSMXGyCMeJwxIXGefijEEsOs4eZzGJXQ47SDC8ukX9xXTpxzUFHBU95ZO7mFzsEDEb_hMRyHZEsQ_UD2pqUyyYTpw2qmHJlZGoZEx-bgmUaYsxw0Yels7_8HsUY_8BOmiWfsAv1dZZDfjkaJ2xD7CVKIgEMjLqBjoiLAgXL1sWzluekweSQlswlaoo1s3kLf9TtmjnccOuhCSYvbJG346qf7R5Y2Tj9EJooouNVNEGtyg1INN8AodA0ntLNnZvYZua3cOY03vXURCa3PSYKH3N0uT0hz5MgpxoLaWcaF2usOIUaRlEbArT7aSPLVGIsXUoFJAXHuo51CVuv4puygXLSJq5S6jYDUqehe1-vkLOHTYhzl6Owca0zctkKORdIyUHDiMR-bHxRZifjMCsldxoO5FnsrCSE55B2JgwrXrTHwGrbAiuJ7AiuKX_5h-HlNQexltRZLqFYOxQrgkzNv3jBoA3tuKUJmGkSX98qgOArPT2YWz7b1V1fuC3qNLS3ZFYgWwftS8J_5zkeQ_s5Hvob_rGIZSCiBxhaugi4yLOuKs6pM6QWC99e1k6h9vagpDbzjc0BT8htITcGBiwhhpJkBefa_WvsUoCrWLdvfnkQRLupPORbhIoePu0tR53IGJj54OtzJkZ9DGZP41niVBL4V0afY8ognF6NckkNJk7L46h7LCajNlz7SeWBUmDDAHLv8dxhmXS3EKmX8B_wvK8ztt3KNMtNaXfNFCVDcCWwxVxyVXgLQfXEXpVJJD27t5d7p7OBNcFjafiJQjlps2E2ZH7jaYuAKEon_FYgLbHsh_ziZNvQWD8L_JtK8Jjk7-VT2myYByr-0c4vnvZDBId9rGCeb5qFGcnUwgEF9E_LPQCyDBZjuIOOeeVgnA0JR4HXnusSlNmRsmyK-k8klJzvtzH_Ur-ifWFBReB9LblXCwXlaKszgTA0Zp0OeQlAoIpOEcmnNupFTNxucH3hU2FsD3t-oExStftQCauypkMlFfbk98sLG2OwTY-SvUtQSG_XFmaH30OfQI53ATnFyHCoywNLP47J7Qd6YCtTBT7mHP9bVvH4xNhV4vlYPQHxSK3Gi7vkAivE1Q1rTwZ_1ntub7iY86ZIc3uuKu_rXksSddUEpnMwYtBKR_R6pJXxM1jWPh8GkiUz_r2Jbx2MYxVXf8cmF7VpcfWTBdnHAVHIkUqgK1O8FzRkwaaQWf_3BjHZsiHzenIuBKIJ8JzkYwmaJMsJBx1kWxmO9aOQtFANnwZ4735iyx8JM_5in9KLn9pbBpMVbLFDuzj-g5G63nIvEtzFHpYCrxfBtio9LEaw1cV1vA68rCX-r3te0_l2dIN-Fcljnr4ps18UkFL5zxWQ32Cx9Qs-zpMC8tuetnI4tK7urXrRVhiR7IYLz4kyzYaI0I0req6stpJ8CPSv2bRnmfysuIy2nJAmnLu3VG9N7XDO4SrFwEhbCfUFk8i4Dxiq0QH8wxN1_VodfzHi3pxIA4GPJzDWO7-iUZXBlI2P7HXRL6waKBDVo67FlalxOoxzi7IyspM9W__VMNM-XA7AZEcl8u_-WkD5IdVSUiHHzk6i0n7bKTq82IIINanE9gOFez5xHYlol5bfA0XPiPvkWGd1a_WWB91l2zMU3UAOzqpIJvz1ynT_32eqcgfZocxMksLZqATv-b3Nj6ZLQXPCAPUUUGvzCBql2yveEgJyBE9hGZjXukN1zkVqxr9hoViok59fTghgB6Nyvm8doa_uykG97FRHBM8CE0QkTMRd7t38XgcUx1M9cE7VUOc6O-SSRXPBV-19RFoWXzRp1WNAiXeXHBAVdnXHvFAyQTXTLiSb4LhUcOWDIjv6v2qvEqHj6eHqdi6wvsUNPb_5D3cG86XBfAlAOaMjlBVhEiciSMHQWtVi1qEDPJcI7wVTqij2zLT5yfI5Q_Ed3BDBmwWyqYxQ4rI6Dgc-rG1wQ1kXclvwMpGZcr5mfY6f6xlZ_ZwTstm_I7iNEluLUG30Pl5hmoLoexeYNloMzsd_R9MSQ24kta72QQCxwkh-BEfkFVQIEVWEf0TypZSz7TmZNeyPQIdEQhVp4u8_VvlgJG42l7Kdag4G38_Xb0dU8ayJeuxF3o369oPpuqofKgBIel9NFFuwQHXkGi2uBi3QiofPkQ4Uc3nlMIwocLCY6hfu4bjxTT6ebU993SKMdmjwCLSultcaBVnszOu7LbdZ1bV_-TaQlVYdl1ZajTEIkNKGyUjrhLJ2xKsN-ZbyQL256PnMKjG2EzwuhrnMn9XigPVOfjv0caHK_uFmqXh1WvqXrHBCrFSBG5SiNKWa8BVAJadjCW-dPuWdKM0C2Mvu_o2Ben8KlHeRtNk4BKXtbovurHXChEjjWo1Lysrk6pESE-m_fi55Djv_Jv9bfy5shyjuNStYkJc8txhyrFEraoSK2MHGzMudvahutuzJdom4OQXap0Xn_CNhe6FRyrW5i9TWaqoyLDQ257YCVJPoEzd4b1VfruziIzOWtHI6tWnKgYRUZPVb8fZBWwhyBqPowSPxnmqObxFHvIhPR38KHu03ewk7IZZ75YLMuxvJ_3eKDBpnNA_Jhw7izPXcLT9pqs54RwAPuJmeMZWNStVLH7C8eBm18vi1hwdkgOXJh4QAiOL_iCmQdBN78nAUJLg4uWD2dffHVnRHJgRKCB4RPk69cBZPtTvfYPfw460Q7G0WcVOfpWFXBcIMmHLbtTQk8lM6keIaDNPZBmBnBYUYFXiyohVUBD0e4p5fz3KAz7C5XHgtXpQYIprp6nIkc1bZhAcvxR5ObHeFxHUX6yCAzIwqA3IOhM6XADypIpMrX4JtJycmwkTTaaPRn0280G4PTEFsAmSSDWIw-DF0HUNUarF_CuIHpQEPwoBqysF-nipmHKr1OgBE59NVi1h_AWzGf1SIlP6QEey8tJAanKrut0Cm6oCfW6BqjKc3DNRTqVg0i_4Z91dnvpc7B_AfHTrBZykB-kn99PtyNoLytmdytXR7hxc2FWys85B_eiL6v_8i1bZ-lhSdA57vlJEheWi-SXFvYnwbkSghAfLCQPt73S1XPhTWZIskU4DbSlsGYDW311-QpqxIGdWtlxSVwDqcB4Y-09jCHAwinsqw96nwOjRyjLW9Ea6W0Tl0ghXC91_vG3-409JpZqyMwqyU8&cid=CAASEuRoj07_Euu3tneM-l9nFC-ZKg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 12:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 22 Oct 2022 12:07:07 GMT
5485242488310283926
s0.2mdn.net/simgad/ Frame A9BA 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5485242488310283926
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
17a2efa049ad19070f7a1ffd672d803bbbb72b528988810b3f8be2665b2db65d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:12:18 GMT
x-content-type-options
nosniff
age
326826
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
111723
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 20:10:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Oct 2022 14:12:18 GMT
cast_sender.js
www.gstatic.com/eureka/clank/93/ Frame B334 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/93/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x5tc2ay
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 11:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15346
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 17:05:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Sat, 23 Oct 2021 11:28:47 GMT
RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
static1.dmcdn.net/playerv5/fonts/ Frame A74B 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/fonts/RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5smq48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:25 GMT
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
442803
server-timing
total;dur=1, dc;desc="dc3"
content-length
36812
last-modified
Thu, 14 Oct 2021 12:40:30 GMT
server
DMS/1.0.42
etag
"6168253e-8fcc"
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
76304c6d8f88e310a6e2d3b544c67a12
expires
Wed, 17 Nov 2021 05:59:22 GMT
RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
static1.dmcdn.net/playerv5/fonts/ Frame B334 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/fonts/RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x5tc2ay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:25 GMT
nel
{"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age
442803
server-timing
total;dur=1, dc;desc="dc3"
content-length
36812
last-modified
Thu, 14 Oct 2021 12:40:30 GMT
server
DMS/1.0.42
etag
"6168253e-8fcc"
report-to
{"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
aad4119fd86ed2fcda2e263400b30206
expires
Wed, 17 Nov 2021 05:59:22 GMT
/
xe9o.xyz/148bcf03fc/bb6bac9292/ Frame 0CAF 		81 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xe9o.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XAdCGdZjjdZGrCikAAGjCxCZrdNrirNrrpNrkkCrCZZZCCrixCkiCrCrGCxCrpjrkAjdpCCrxi_81859&adApiR=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&refferer=3658164039_aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v&width=300&height=250&yxDom=eWx4LTEuY29t_d2e782c6bee242762e705a45bd0be41c&randomA=213336041452&realRef=bUZNbVNXdW9lWmh3dDcvUzBoMklpN1VuQTZQUUluRGZLYmtUZ2VUd3RWbz0=
Requested by
Host: xe9o.xyz
URL: https://xe9o.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XAdCGdZjjdZGrCikAAGjCxCZrdNrirNrrpNrkkCrCZZZCCrixCkiCrCrGCxCrpjrkAjdpCCrxi_81859&adApiR=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&refferer=3658164039_aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v&width=300&height=250&yxDom=eWx4LTEuY29t_d2e782c6bee242762e705a45bd0be41c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.201.59 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.59.skhosting.eu
Software
nginx /
Resource Hash
e42431f10bfd91e45735ac42f453297a7c47f8d9ff946654432e49d33b84c6ee

Request headers

:method
GET
:authority
xe9o.xyz
:scheme
https
:path
/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XAdCGdZjjdZGrCikAAGjCxCZrdNrirNrrpNrkkCrCZZZCCrixCkiCrCrGCxCrpjrkAjdpCCrxi_81859&adApiR=loaded_string_80018dfaaf025f0e4abb75199991cf29944b9_2558629_1634979563.1894_5540&refferer=3658164039_aHR0cHM6Ly90aW5ob3R0cm9uZ25nYXkzNjBkby5ibG9nc3BvdC5jb20v&width=300&height=250&yxDom=eWx4LTEuY29t_d2e782c6bee242762e705a45bd0be41c&randomA=213336041452&realRef=bUZNbVNXdW9lWmh3dDcvUzBoMklpN1VuQTZQUUluRGZLYmtUZ2VUd3RWbz0=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ylx-1.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ylx-1.com/

Response headers

server
nginx
date
Sat, 23 Oct 2021 08:59:25 GMT
content-type
text/html; charset=UTF-8
set-cookie
total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2558629=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires
Sun, 01 Jan 2014 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex,nofollow
access-control-allow-origin
*
content-encoding
br
view
googleads4.g.doubleclick.net/pcs/ Frame 86E7 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvsCpRkiXnFMmfYtwMnSYPlYo7JDSBz5F9QbBIsPgJLm57S1V1ze7plnPSDHjSE-0ZoctX4afsZEtv3GJk6TFaGgdLWIhcWBA4-sdcXPatuUhOCWwn2HBo0WAK-beZeR5ubmkMjRyVzgwEVIZl_WOfQDXvvggVT7vt8Xh1r4hm3g1EXQksrk4nImpOCFADkVaBPIqTwISiZCWgNCpIQfH_FT3YBWgmA21DtnwVOyD-SwAjz7bZtJ76uwmmhq6mtP4ITQWPTkrgo_OZraqFi6CH49w1qsTlB5GmH5VBtsN5Ou65HC7Lsjvf4LwFSp8ptTgZb1tkI3fcMnByxA0aPmrH7Hn8gQUAiSxNahMIDBNSMGg2aYcfUxTsiuETJSCgQakbSUDYHIfn3Wc9RfamSOrPSfgFRt0RIfFh2VE7snIRhqSJhZm6ghrYsEGdAMPwLOd_-hdiW-7TG6vVEefWwfLdjcdSKepjiWr12rET4CJwpSrMvLn8UyM7-ZbaiKyBK7SCj8WzKtud6WXGlhj0CNiVe8BaP39UnUQs0ObkYQrKe5OSJjM-_oIdzYkmJQI8l7ti83p2qTeybwuQb_b1PVxlDfchV8erg2xAQNGKEyWAJyOWz9w3gsyJmLn9QpJUPpUFYsOu99Cv7Wdke8c3eoNPS-PFCLyYhlSNx0GEJReoYZimkguORjM8IKnEAeilcJqcxt4SeP3wmjkyyzgcYeGdG145H4SIxOheJCHoFrwfyrdVuB-WWMiqIow__6WGvIw08eubLkArIb03cjl6cGIBSd-j0twXqyfEyZYWgd_Ig2Dii0M9thEe_TVE9p5I-RIOAp55IyKNarsMpEdsfKEVYmYRoQEA18pGw7mw7g1FmZmmcqwupJvJyW8ulCyVLigr_PH1VWzZk2cETpz8QMZte8mEFD3aV6XiC-CiUqlaZOLn7n_upowKDexr4wrlSm6-ROJCsR_Fw4mDRqak6aDqJsmC4MroGC3rbwfiI4sd5eKcYhNMjRSf2tfiGVjUCvKLIrh-VTlc-ESn35z_U-gBXg1fLZASAJn_V12TwziX-1lfY-SugeqnvpFbh_S1Dm2nO1XOneItXjQ0ZZv2gn3dWidBSO3Aup_pF4dJOdDKjZWfEJRO1RgO1fx5mx7GCQyO9dpwzp5dOQg40P6MUw18n7wCCiPCUp_QHQKnAoWAxlC5LoPyqkACpy6FJWLFShHCWQ9lNoSkMLFL3mlkyEYV4e-IZmc6mD6Lpsu_TXjxKHciLVHXRtmMQVz730zozdUJ834lP&sai=AMfl-YSOmDwgEm62-H73VbFTp7OW-sH9jrgKyn2a7TLy-NZE7F6qmKDN3l1OGp8p44gJG7xnFm3Lc0IYd_SchWdtE5oITHane4CtkUCgOoxRbnt5H722ef9rnlHPT2vIl7qmvYG9PSsqZk93m54JMTvTwobLQBEndw&sig=Cg0ArKJSzFau8stZb5dLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=479&vt=11&dtpt=477&dett=2&cstd=0&cisv=r20211020.86933&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoMrNYneAZfQwHC10RnK1LdKyDhprfFI2AtS7OmK1TssA6id5Tviel2NAFVvCRRZUTWBO9Mlo0eZHQ_5CDgZ94gHFnq5KE0FE4uigp6F5YFAFQJVAi-7QZ0u0nvF7WPzePOQYatOwbREu6Uyafxz1Ho1hHwQ&dbm_d=AKAmf-D8gQV2T25GuglUAKhxE2a0LKBdqksmJ2zQoqWgVgGeeuDw1XXj_avXMiNaaEGygWiBcPiW9GcLFQPDp_UotnlvkRcC1KQ0A7aaFTk-22LSggWhaYlFMHhU6SccO2G0EjskeU4cw3RSDcv-f2lCHLZQhCo2eWPttZojPkCM6icZ9YWAkY0tGnAQE8MmJFP4xehY0MWtp8iL49v0rLKyZO8wl2mTUFjE_TljivatcnjtvXBGKotdZlg50mkAZBX6sLAfurvPRJH1KMln2m2gHGE-I6dvOfGsce4VQSUHHO3jIzAnNHujBD24YdX2xC63hAld-kUFLp_RgCqog1ExqUyuYd3uDbKaYJXWsp0fmKj_0fXnqE5N0z35mexiAqtwe4-JlgsBflMfEs8ULb_lAkxevXQzrAM9N6LDg7s3cyquY5PEaq2TJPhMAxUrRJ3kTK0Yt7SLojlZoTLREHGHl-YEZXxGWjaKZs8FdTockKxHZOfeiBPN1dwYFsVxC0166GSR_vN2c7NBOmebKuHK8cLuNARbZlrqWAXAFM_ThR0L93wfoFnijbepWx4_Xa2rsE9TXCZF6XkKwpliT9nEukt0eBytjgElli_JKmkEA5vun12aV-c9wnOI52C_WxicF15cRrQpMOlsnhS7MLUqaH2GRPa-UxpLCMMYUEU7m5-geX-2UQU2dQdjwz2d5aNjDRkhVLq25oY7AvuhgOWpLOCDNC4M6VmgzSGYgiXpVaLZSGgCpYMUtrosMwHSfjRbDEKwwCNjftBHlP_4nir-Zrhs_PKV8IuGGPHB-QtoKwL-q_fh_RuIjSBXRNBB35iRLmdqwBkzn1No5Qmves-ve_9QuNDpxAg76ziae4qYZ8uizI4kXCNAcrlCfzG9fFqjtQgaPyVkp2MWnllp6gqhFAQd1Vz4UIOsbvyvf0BSH5B7PjCY_fmxUmYsJRQeU2QFgCxYEh7Sco1yoRz8aY_Se-bzXije5tumty2xsksKo_rVT49CEgdTgAX-j0xzeaeyOK-8--zx9M-OZRfCwg91u-rXCZOS5_bSlvVmoahs2QBUVozwcnH3IB7QVZTpMpsWmn3VcexFNx-MLflLG-3K_qkIc3UxBvyFf0osrIhPotBS88ZeAsOOKPsuipBlJJkgZ20ZDPcrFqFiQTcl1V0xflqLFZoSDgJprJQguiSdbU4JbAPCalJVRFyNr4VppH1_3r0hVChJzPeGzGqmmreymoxkApgacc9CIuILeyZLf8F0OcX_SwyKcwi1dTAwZc9QuejL0y5_3GS0dID1pYzevhg701sg2iDpxZGBTBJCDK9dzBpEBE_Vz1NPrFJwOl1OcNddeB6PHBQoRzFgUkHS1q9gd6hieC1TyNGtt_4tNrXg6vFh1XEJluxibGHkB38YGGCxw-bVGRwQXnK6YjnRIjUpMlQh90URI3vZbhZGno_8C2JwsJeqfiB6tO7f8oen096TQH9R0H0RYQP5QXAgQanKddfO0dAg9hLYYe05mA0ykn1NEqQjQUlCsnJYye0-eewIgy-HN-GkU5DfBg7pn3xeElmaMH9bhpD0SWGbT5IMIJjG7uuHDPpTO7xMrOakk7lFl3STGWBT6nFtvfV5AJAy7XeNdmmKi4lPV4tsDln-lz5y5CPghNAmy99jY3cm-8dg3GSJnB3jGVpwVWSi0nQTpv_f-Eu74a78SjgML9ww3Khzabd0MiSJsMg8fmj9mGBcpSUBlHBEForsHom695_0dIrwvr84cEUawQ2mWX-DZ_oaNz3NBAP68Aubphb7d9G5b5QGgVbqEMEVx5tNHGfX9SVpVNpfZhXYld7FCaVGyRO2hG7fUvc4pGivwDMWhRW-EKItohwvedcb9-aW9QeR3mlebX5626W80arPWgfEVqLpySAfsFHWrx7volJs86v1ivj675XvcI0EiRPjg0Gj8hRlix3qgvGIY3jISKSM4UWuYq6Q0UkDdjXZYSTnsTsH4W_IMgADK4LASTdqUMdxovohgGbkHrjpRezOzSFNoyMxxgRwY6E_DOXGA1m6ONeliUuul2sTfeQX19yPKf1wGHl4B_fAgj_I92WrKKyOWqqPKLbxpoO96FbrGhbYA7gscUqlZKWGyfJGitxtlHrD4H9pBtVNFLiVdEcfG0SGBJXMZNvR3UYhXCzMFCYXlViSTEG8lcQr9GYDUmxaXzPd9X3IwQ5iGfcRH6V_ns6az-FuDqMCOk-QFI6WAbDEl5E-NBeLafz9ZQ2RW013hrYTGrwIvMJc4V9zAp-rnOQK1GcNi_c1Cw_Qhr6EzCwXJFoRtthdRVLFoHrBj2nm0-LEQeYFZk5NJREQMmDa0_SQhXv31gtUbEOm2PiPgHIo2IuhttiB3qpI0vjCslGEMfb-8M2IjoRoxIzJdamxNAwXtSIhM3oUg4R_iFAbFLw8l5HBsv57X3v2P4V7Ershm4ZAfWcjLPrRVvD-SWGvhdYhjUx14tWDKtvkOUz2sfAL3XDlZ1mPlcRYEFvbVGbs7coZeUSIgLGLlW6t6c24z3AAF9qy5tJfmnqFsohsD4oBSmkfPkI87fkd__dIohMeUkk8wYQ4W-FgdMVX-q9yYREf5MyK8vcQ-giQ3mdITrAWA036OVairMu0lRBVOC52MKEgLnctrbqbGoyeHHdbYxk2x57HP0crM7mTb8skMvq_j5P-tniWgPgt7DQi8JJV3HnMmGUzZdCs2rHtJQ7Uu80f7uOnLoloY_4wbYib97lyt8kbjkonZp31dNzWEfwojxufLsYeE2BWq_wXCp4oKm4a8cx2STgEnKQs7J-RvzFEIJfMFkTKB_DZarC6YI65Mb8qoQ0rnoNYC-o0bFjcG3s8LvyBgzzD2Lr42cZe6lN7uO-GaLMeKX2Iuexd3XCIyWRdHPTj6inqwHC9lL-TKJNtewX-PJbcVWzAo70apznEWEU_M5rsClix_G4LwLjCiIu1UJ3Zx4F5plGkAnS3m2ttXiMIyFzXMhCOeA8YtyokXhL07Vb8XuoQuieUq6KFg2R-EyySfPh610Hb9v_zGl9ClKXWKcWuGgfPZDApiLjR5LGze8eHZDYQkHyZMWA69eTh42seKLuaUM02jTzij_Cad0He0QsXoSKg2scsrp9A-Dl6oP9yQXMrV7MTyjnsUIk8iisBb5JB491ei0BIBP7xl6WNORc9dW7hdDMazv4eX5Ru7fXuS-N7NqSc6L5b5ACh75Js0VPXplnZ_JPGLEwYqLFXEmkxWL7izsM3l1FkUgAkF-dmPscTLITufCQZq6SWNkdXItdEasJbaFknksyWxVU2POcw7UjIfisNkesCOhlQzG1l&cid=CAASEuRoZDHwgruIgMjVSlk0MaJDVg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 08:59:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
partner
sync.search.spotxchange.com/ Frame B763
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOD5_4OObP7-8XIoP0n5Uqo&google_cver=1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOD5_4OObP7-8XIoP0n5Uqo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7fLKpAIYl4rjtgEwAQ&v=APEucNUhhhv5fhcGTVk1OetoBKqruXoYFwgubyhE19McCYldNcgM_uMg_P_DKnFBvrrDcxrfzGAOH21sZguXx-7-yND4RcGn2w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:25 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
75
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOD5_4OObP7-8XIoP0n5Uqo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B763
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODU3Yjk0MGEtMzNkZi0xMWVjLTljYzQtMWQyMWI5ZWIwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODU3Yjk0MGEtMzNkZi0xMWVjLTljYzQtMWQyMWI5ZWIwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7fLKpAIYl4rjtgEwAQ&v=APEucNUhhhv5fhcGTVk1OetoBKqruXoYFwgubyhE19McCYldNcgM_uMg_P_DKnFBvrrDcxrfzGAOH21sZguXx-7-yND4RcGn2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 23 Oct 2021 08:59:25 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODU3Yjk0MGEtMzNkZi0xMWVjLTljYzQtMWQyMWI5ZWIwMjA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
70
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame B763 		0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7fLKpAIYl4rjtgEwAQ&v=APEucNUhhhv5fhcGTVk1OetoBKqruXoYFwgubyhE19McCYldNcgM_uMg_P_DKnFBvrrDcxrfzGAOH21sZguXx-7-yND4RcGn2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:25 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
f7d4e037c-40f7-418e-8439-6bf69a922dd5800x800.Jpeg
cdn.cotavi.vn/statics/gallery/202011/ Frame 9545 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cotavi.vn/statics/gallery/202011/f7d4e037c-40f7-418e-8439-6bf69a922dd5800x800.Jpeg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.122.220.63 , Viet Nam, ASN56150 (VHOST-AS-VN Viet Solutions Services Trading Company Limited, VN),
Reverse DNS
Software
COTAVI / COTAVI, ASP.NET
Resource Hash
952179de3aa005c3c429d6b269221f8f2f179b04879cf65df8d9686aa6de2f71
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
x-content-type-options
nosniff
last-modified
Fri, 06 Nov 2020 08:49:10 GMT
server
COTAVI
x-powered-by
COTAVI, ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
date
Sat, 23 Oct 2021 08:59:24 GMT
accept-ranges
bytes
content-length
74710
etag
"1d6b419b18c24d6"
f0e3ef480-76c8-49f5-ab9e-63bf975dff1f800x800.Jpeg
cdn.cotavi.vn/statics/gallery/202103/ Frame 9545 		48 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cotavi.vn/statics/gallery/202103/f0e3ef480-76c8-49f5-ab9e-63bf975dff1f800x800.Jpeg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.122.220.63 , Viet Nam, ASN56150 (VHOST-AS-VN Viet Solutions Services Trading Company Limited, VN),
Reverse DNS
Software
COTAVI / COTAVI, ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 05:04:13 GMT
server
COTAVI
x-powered-by
COTAVI, ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
date
Sat, 23 Oct 2021 08:59:24 GMT
accept-ranges
bytes
content-length
188713
etag
"1d7156acfeda5a9"
f8b46c917-3849-4d78-babc-c86e62de24a6800x800.Jpeg
cdn.cotavi.vn/statics/gallery/202011/ Frame 9545 		23 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cotavi.vn/statics/gallery/202011/f8b46c917-3849-4d78-babc-c86e62de24a6800x800.Jpeg
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.122.220.63 , Viet Nam, ASN56150 (VHOST-AS-VN Viet Solutions Services Trading Company Limited, VN),
Reverse DNS
Software
COTAVI / COTAVI, ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
x-content-type-options
nosniff
last-modified
Sat, 07 Nov 2020 06:31:47 GMT
server
COTAVI
x-powered-by
COTAVI, ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
date
Sat, 23 Oct 2021 08:59:24 GMT
accept-ranges
bytes
content-length
81062
etag
"1d6b4cfaac1f726"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 59A5 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 23 Oct 2021 08:58:57 GMT
expires
Sun, 24 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
28
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame 86E7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8270d9ca169f877be150174284b3732f078fe08d87c180e55b25a3b8c0dc737f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame A9BA 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsul369BRT5Z9lo1uIs3or3ITFtP_d7HS81dehhfAL4H1YCpXmuIOS6_qe2tPgGb63tMuY4-LCYrOoyA6XLhng0jcZ6o1Blfug2ROeuWuDNiRG9zS6oPfGEGF4Hib2pw62PGo4F4z4GqH5GOfNtLqCoKvO5rL7dbLTdxWbf23Dgx7jl-LvtNJpTxWZ0i13_74mxaqMmR-X0LAOXf5JdpVUE0sS_VbrGuG1Kp4NP2Qnd5pGWVxHjLKSiot9I0mcWGwKajtds0Af2rzyIXLM-FI96B3s4Ry49N6-EjzwQirl3S7DnDOhfpJne2-d6GDhY52BReVklDlnlWnmQwB3wrFNIpOBe3KpCy0bHNRsm29LnmLQu4SY4ejmg4jnB_JulO52bB1zvrpw6nNgJO8EUpYsKk2UJ2axQCssJXilhG5eUVMolNJEXm1ydF8rWhrhAb2tlGcR_FCptuPzdMuJrO-Y5eRVj8AavPV09ZCsbOenQvr6Tde20_bPQ_DOR_mAr7JPxQvg1oufrjN8b6Ur_Gpbmkzms9-YyZs3-mTvKo4jEWFD7NT4efGgAoKiFcA3SKcK7ZcKPi4tU54alFfe-Q-59gOmHeXThTAJF3SsI3HJd-FZp7AZ23Ww4x21iqDnOcch2LBvSxVm-FvtHVs2rv0Co3KHf75kbCrrEuxHLVYZ0yUB9rx5QFwc_Y-OaAhCo1Hb_bD3jGqY7-Tiuls5tlohKuANDLwMrsmQjtul0NBKcYJLC8FSlUZdaZrOzrKVHKjjKkY0ntz-FejQKkQEygzt6fk7EfAkIk9CCzGDsB8q2fz4ezz8CtqpalgcHK7u7aJEgETeOFhaXg_xffs89agqbdnynB0MD9InBq1tYa-lahhxcZ9xrwHH8Muj4_kGMnY8sk1xMbhwSHPJr1jYbNHBpr9Pu4uSGc7v-nr0O703MI1AuhKWPTxn-o3CZvaJaWIvIhE0B7d6Zx5KUuLAcCQpTEzuT8VEHeXapcGu99_g8IxUitAaGe4z_367Phvy-8icQGxgXTjnC_oHbra3-2sU5SuaM5MYCOkYdcDl8Ysqs5Kk_NjPdW-qegGXCzgD1AanqAk6szT-8fKRUGbV8oJQ4XirMCyq9Gb4vCZmww6O2jBA90bHyIr6i4T7ZfGf9ePne_7Oeh3FTXui235Cuv7sW0paE3OUrl051ey-MggfScS4d1YVvFzGwWK99p3mXt38-ujZBeXf9ilcXfzPDljL04gtiVWDqDXIOODgu9zg5YKo9MNSaPDP2IPyJGOnAnVZ7BwG2b8HBXK3hTb7mkDjpWwqWF89A_kl_t&sai=AMfl-YRXW9QNsH0d7wQZ0lo7g36O616nL5HOOKm_YlAGoGEmFktnth3UQQr3HpFezOk_JEUy3iNuC_QnDLyVtznWbFoVkmpH4oJYCltbUnmMFHetv21N_EftNkHK80UoCMaqhee2aKQKzETvoyC03dSXm9u6J-tBnw&sig=Cg0ArKJSzGBjzYcWXQcoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=332&vt=11&dtpt=331&dett=2&cstd=0&cisv=r20211020.42268&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuQ4pOjNUlk0ajsAV9V7cHYCgbxMAbVxiH8Xta5Kzar_IuZUkiCJZCiW9QAc-ktWVyubMP8Do6sXWKKH0FxeX6Tp8UWLRnpFBZlXwhr6wq0OM2OKKpjapB00AWwfKmgGoNPnBi3cpHt1nCnL0PiI-cc7dBaw&dbm_d=AKAmf-CXWPkADhMUM3kVhXw4XXfN38fbLL0YRqzIZSMXGyCMeJwxIXGefijEEsOs4eZzGJXQ47SDC8ukX9xXTpxzUFHBU95ZO7mFzsEDEb_hMRyHZEsQ_UD2pqUyyYTpw2qmHJlZGoZEx-bgmUaYsxw0Yels7_8HsUY_8BOmiWfsAv1dZZDfjkaJ2xD7CVKIgEMjLqBjoiLAgXL1sWzluekweSQlswlaoo1s3kLf9TtmjnccOuhCSYvbJG346qf7R5Y2Tj9EJooouNVNEGtyg1INN8AodA0ntLNnZvYZua3cOY03vXURCa3PSYKH3N0uT0hz5MgpxoLaWcaF2usOIUaRlEbArT7aSPLVGIsXUoFJAXHuo51CVuv4puygXLSJq5S6jYDUqehe1-vkLOHTYhzl6Owca0zctkKORdIyUHDiMR-bHxRZifjMCsldxoO5FnsrCSE55B2JgwrXrTHwGrbAiuJ7AiuKX_5h-HlNQexltRZLqFYOxQrgkzNv3jBoA3tuKUJmGkSX98qgOArPT2YWz7b1V1fuC3qNLS3ZFYgWwftS8J_5zkeQ_s5Hvob_rGIZSCiBxhaugi4yLOuKs6pM6QWC99e1k6h9vagpDbzjc0BT8htITcGBiwhhpJkBefa_WvsUoCrWLdvfnkQRLupPORbhIoePu0tR53IGJj54OtzJkZ9DGZP41niVBL4V0afY8ognF6NckkNJk7L46h7LCajNlz7SeWBUmDDAHLv8dxhmXS3EKmX8B_wvK8ztt3KNMtNaXfNFCVDcCWwxVxyVXgLQfXEXpVJJD27t5d7p7OBNcFjafiJQjlps2E2ZH7jaYuAKEon_FYgLbHsh_ziZNvQWD8L_JtK8Jjk7-VT2myYByr-0c4vnvZDBId9rGCeb5qFGcnUwgEF9E_LPQCyDBZjuIOOeeVgnA0JR4HXnusSlNmRsmyK-k8klJzvtzH_Ur-ifWFBReB9LblXCwXlaKszgTA0Zp0OeQlAoIpOEcmnNupFTNxucH3hU2FsD3t-oExStftQCauypkMlFfbk98sLG2OwTY-SvUtQSG_XFmaH30OfQI53ATnFyHCoywNLP47J7Qd6YCtTBT7mHP9bVvH4xNhV4vlYPQHxSK3Gi7vkAivE1Q1rTwZ_1ntub7iY86ZIc3uuKu_rXksSddUEpnMwYtBKR_R6pJXxM1jWPh8GkiUz_r2Jbx2MYxVXf8cmF7VpcfWTBdnHAVHIkUqgK1O8FzRkwaaQWf_3BjHZsiHzenIuBKIJ8JzkYwmaJMsJBx1kWxmO9aOQtFANnwZ4735iyx8JM_5in9KLn9pbBpMVbLFDuzj-g5G63nIvEtzFHpYCrxfBtio9LEaw1cV1vA68rCX-r3te0_l2dIN-Fcljnr4ps18UkFL5zxWQ32Cx9Qs-zpMC8tuetnI4tK7urXrRVhiR7IYLz4kyzYaI0I0req6stpJ8CPSv2bRnmfysuIy2nJAmnLu3VG9N7XDO4SrFwEhbCfUFk8i4Dxiq0QH8wxN1_VodfzHi3pxIA4GPJzDWO7-iUZXBlI2P7HXRL6waKBDVo67FlalxOoxzi7IyspM9W__VMNM-XA7AZEcl8u_-WkD5IdVSUiHHzk6i0n7bKTq82IIINanE9gOFez5xHYlol5bfA0XPiPvkWGd1a_WWB91l2zMU3UAOzqpIJvz1ynT_32eqcgfZocxMksLZqATv-b3Nj6ZLQXPCAPUUUGvzCBql2yveEgJyBE9hGZjXukN1zkVqxr9hoViok59fTghgB6Nyvm8doa_uykG97FRHBM8CE0QkTMRd7t38XgcUx1M9cE7VUOc6O-SSRXPBV-19RFoWXzRp1WNAiXeXHBAVdnXHvFAyQTXTLiSb4LhUcOWDIjv6v2qvEqHj6eHqdi6wvsUNPb_5D3cG86XBfAlAOaMjlBVhEiciSMHQWtVi1qEDPJcI7wVTqij2zLT5yfI5Q_Ed3BDBmwWyqYxQ4rI6Dgc-rG1wQ1kXclvwMpGZcr5mfY6f6xlZ_ZwTstm_I7iNEluLUG30Pl5hmoLoexeYNloMzsd_R9MSQ24kta72QQCxwkh-BEfkFVQIEVWEf0TypZSz7TmZNeyPQIdEQhVp4u8_VvlgJG42l7Kdag4G38_Xb0dU8ayJeuxF3o369oPpuqofKgBIel9NFFuwQHXkGi2uBi3QiofPkQ4Uc3nlMIwocLCY6hfu4bjxTT6ebU993SKMdmjwCLSultcaBVnszOu7LbdZ1bV_-TaQlVYdl1ZajTEIkNKGyUjrhLJ2xKsN-ZbyQL256PnMKjG2EzwuhrnMn9XigPVOfjv0caHK_uFmqXh1WvqXrHBCrFSBG5SiNKWa8BVAJadjCW-dPuWdKM0C2Mvu_o2Ben8KlHeRtNk4BKXtbovurHXChEjjWo1Lysrk6pESE-m_fi55Djv_Jv9bfy5shyjuNStYkJc8txhyrFEraoSK2MHGzMudvahutuzJdom4OQXap0Xn_CNhe6FRyrW5i9TWaqoyLDQ257YCVJPoEzd4b1VfruziIzOWtHI6tWnKgYRUZPVb8fZBWwhyBqPowSPxnmqObxFHvIhPR38KHu03ewk7IZZ75YLMuxvJ_3eKDBpnNA_Jhw7izPXcLT9pqs54RwAPuJmeMZWNStVLH7C8eBm18vi1hwdkgOXJh4QAiOL_iCmQdBN78nAUJLg4uWD2dffHVnRHJgRKCB4RPk69cBZPtTvfYPfw460Q7G0WcVOfpWFXBcIMmHLbtTQk8lM6keIaDNPZBmBnBYUYFXiyohVUBD0e4p5fz3KAz7C5XHgtXpQYIprp6nIkc1bZhAcvxR5ObHeFxHUX6yCAzIwqA3IOhM6XADypIpMrX4JtJycmwkTTaaPRn0280G4PTEFsAmSSDWIw-DF0HUNUarF_CuIHpQEPwoBqysF-nipmHKr1OgBE59NVi1h_AWzGf1SIlP6QEey8tJAanKrut0Cm6oCfW6BqjKc3DNRTqVg0i_4Z91dnvpc7B_AfHTrBZykB-kn99PtyNoLytmdytXR7hxc2FWys85B_eiL6v_8i1bZ-lhSdA57vlJEheWi-SXFvYnwbkSghAfLCQPt73S1XPhTWZIskU4DbSlsGYDW311-QpqxIGdWtlxSVwDqcB4Y-09jCHAwinsqw96nwOjRyjLW9Ea6W0Tl0ghXC91_vG3-409JpZqyMwqyU8&cid=CAASEuRoj07_Euu3tneM-l9nFC-ZKg&rfl=1%2Chttps%253A%252F%252Ftinhottrongngay360do.blogspot.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 08:59:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 72CA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 12:07:07 GMT
expires
Sat, 22 Oct 2022 12:07:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
75138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 063D 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 23 Oct 2021 08:58:57 GMT
expires
Sun, 24 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
28
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame A9BA 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e237788fd58224a66436eebfb7424d063c8317c6271c6a9f522cc07e6979da1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BB4C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 12:07:07 GMT
expires
Sat, 22 Oct 2022 12:07:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
75138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 59A5
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKRBh5m_a0hpjWcSFgkUuCf3Nj_G6wRR8rYN2K...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhQTzdRQUFBUWZHTUVJbQ&google_push=AYg5qPKRBh5m_a0hpjWcSFgkUuCf3Nj_G6wRR8rYN2KUwonHeyjejXydbQzjR0wiZ63rJ_0QvSsJrZva6xuBUyIwdNDWZDXA5sc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhQTzdRQUFBUWZHTUVJbQ&google_push=AYg5qPKRBh5m_a0hpjWcSFgkUuCf3Nj_G6wRR8rYN2KUwonHeyjejXydbQzjR0wiZ63rJ_0QvSsJrZva6xuBUyIwdNDWZDXA5sc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhQTzdRQUFBUWZHTUVJbQ&google_push=AYg5qPKRBh5m_a0hpjWcSFgkUuCf3Nj_G6wRR8rYN2KUwonHeyjejXydbQzjR0wiZ63rJ_0QvSsJrZva6xuBUyIwdNDWZDXA5sc
Date
Sat, 23 Oct 2021 08:59:25 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 59A5
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJTVSc5gjRtzzru4pKgU77oRDMt0qXFIC_C3BAcAgiY3IYTxxD2NR-DwiVdbSeyK4aWp2TqD7AlYSaiNvDSFLMuTl7gMdkD&google_gid=CAESEJ0MDio2YWcf6rh6nEZSb7I&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO2dz4sGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKVFZTYzVnalJ0enpydTRwS2dVNzdvUkRNdDBxWEZJQ19DM0JBY0FnaVkzSVlUeHhEMk5SLUR3aVZkYlNleUs0YVdwMlRxRDdBbFlTYWlOdk...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNHFtZkNfNEVGSm5uLU5SZWtXTDdfUXNXaG10ZmhHQlhsbXZ2RHl2X1BXcw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNHFtZkNfNEVGSm5uLU5SZWtXTDdfUXNXaG10ZmhHQlhsbXZ2RHl2X1BXcw==&google_push
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 23 Oct 2021 08:59:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNHFtZkNfNEVGSm5uLU5SZWtXTDdfUXNXaG10ZmhHQlhsbXZ2RHl2X1BXcw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
sync
odr.mookie1.com/t/v2/ Frame 59A5 		43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEI9ryton2IH41axVpRUzb3s&google_push=AYg5qPL-F5dVkdB1lU4vYwY__tNb0itZsvDPnnBky6BvwHyfV3PDTzMwGBrPHp5KR_qfRsAHa5fpxWIqwf1E7bdhrh8o295F2Mj1&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 59A5
Redirect Chain
  • https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEHm18hxtYa2jIYC9vFg0j3Y&google_cver=1&google_push=AYg5qPJ1H-mPcWax4ZUyWVl7arE_xvXsoWlgHzL6Q5YuWsd5uy1-xCyY_EzX...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECyediNZp_td6C36Kh22Nxk&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECyediNZp_td6C36Kh22Nxk&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECyediNZp_td6C36Kh22Nxk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 59A5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ5KqwEXEGvmK4ARf3aRhTot_CBel3IUmdxv-vbj9U9y5DXJpx8gNnORJSQcjlCUbxz92Xpf4GphsE7SpeUby-ALMQN_xf5
Requested by
Host: tinhottrongngay360do.blogspot.com
URL: https://tinhottrongngay360do.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ5KqwEXEGvmK4ARf3aRhTot_CBel3IUmdxv-vbj9U9y5DXJpx8gNnORJSQcjlCUbxz92Xpf4GphsE7SpeUby-ALMQN_xf5
date
Sat, 23 Oct 2021 08:59:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
trk
ag.innovid.com/ Frame 59A5 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEI3H269mgqP3HWv5Dx_Z08E&google_cver=1&google_push=AYg5qPKjJPZO8mkkpfB9Ls6DgHsoMaWsajcGz5pzpJ5b4MLvw-YrKGJ-jsTF8p9pf2ESwPGxSlL-4eKnf2kCq8PzW_KtPqP5Z34s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.50.255 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-50-255.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
/
cc.adingo.jp/adx/push/ Frame 59A5 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEADs5kvKQyhT6a_JrlM7zV0&google_cver=1&google_push=AYg5qPKaW2nRb4vRxaaCo0Hf1fUUjXTdJlMP-erzJP9rkPBGiTBSsWTrtTVZT_eUkvYWhVNez1urfwro6bQz25W9eKCwxlNzywwQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.212.164 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-212-164.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:25 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 59A5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDCvyjDuvavtAJcJWaJpWcN-4USD8osJ2A9vrs55RUJA_SKemAFOFa4lFTpOlaXM0Na6_i
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=128506360&adf=1712303204&pi=t.ma~as.3432735637&w=300&lmt=1634978205&psa=1&format=300x250&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562875&bpp=1&bdt=4023&idt=1&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&prev_slotnames=3432735637&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Gna7lAOXlG&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 063D
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLnU1-8z-aoNQykPWXWJ_SzBanbLmNmLt8X3Z5...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhQTzdRQUFBQkVNb0RPLQ&google_push=AYg5qPLnU1-8z-aoNQykPWXWJ_SzBanbLmNmLt8X3Z5djmaqlUIJU9bREdIXezzmsYxz1pa8KstxPY6UG_yhoLryesoF0NyjA2I
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhQTzdRQUFBQkVNb0RPLQ&google_push=AYg5qPLnU1-8z-aoNQykPWXWJ_SzBanbLmNmLt8X3Z5djmaqlUIJU9bREdIXezzmsYxz1pa8KstxPY6UG_yhoLryesoF0NyjA2I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhQTzdRQUFBQkVNb0RPLQ&google_push=AYg5qPLnU1-8z-aoNQykPWXWJ_SzBanbLmNmLt8X3Z5djmaqlUIJU9bREdIXezzmsYxz1pa8KstxPY6UG_yhoLryesoF0NyjA2I
Date
Sat, 23 Oct 2021 08:59:25 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
sync
odr.mookie1.com/t/v2/ Frame 063D 		43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEGhYCPcAzHZU7t5MJWYWGyc&google_cver=1&google_push=AYg5qPIsjXIhyVpnfENq7D0X0MdI1Ov9YcWsNxsXlkfXMyH-XrRpQswHEi97otJKnuU606uy2OUPxZyH4lX8Wp_MQYOqbXHgZyE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 063D
Redirect Chain
  • https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEHm18hxtYa2jIYC9vFg0j3Y&google_cver=1&google_push=AYg5qPLc1QHDCpyuoBZrpJoz7wbJesJfDMMo0hwWLK1IsYy433b9zfdF3ecr...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlkMGMwZGYtYzRhOS0yODRiLWQ4ZjEtMjM1MTczMGIzNWMx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlkMGMwZGYtYzRhOS0yODRiLWQ4ZjEtMjM1MTczMGIzNWMx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 23 Oct 2021 08:59:25 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlkMGMwZGYtYzRhOS0yODRiLWQ4ZjEtMjM1MTczMGIzNWMx
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame 063D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKL5Pj9-MLa6Hh5nhIGX0BuPuYghBtWoD_PWAfulfIe7sLsTIiO__I4tB6OsYZ-ITmENfCRtK1jfKiy7XGzdXTfjonsvbQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=onW3oYC5SACDCiSp8VGAeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKL5Pj9-MLa6Hh5nhIGX0BuPuYghBtWoD_PWAfulfIe7sLsTIiO__I4tB6OsYZ-ITmENfCRtK1jfKiy7XGzdXTfjonsvbQ
date
Sat, 23 Oct 2021 08:59:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
cma
dsum-sec.casalemedia.com/ Frame 063D 		43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEDYW-Sozmwc_eIwZS5mVB5I&google_cver=1&google_push=AYg5qPL7wfYOnsfMYjajTcCHCcwHYJasD3H0mcLxIJaRV8IP3ISB14KTNlYi4KUtlIbrVU6Npc6bruMQtepipMkR7osOssLnYyM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 08:59:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 23 Oct 2021 08:59:25 GMT
/
cc.adingo.jp/adx/push/ Frame 063D 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEADs5kvKQyhT6a_JrlM7zV0&google_cver=1&google_push=AYg5qPKJ7zO9i9LHcDrwS4PCZqGdHfCNr_K3l-FmyVqh7ac7wY9fYWfKULtcXPNwE40UvykyZYrc8oWIccZJoMSOzKEaD_-Gnt4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.212.164 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-212-164.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:25 GMT
server
awselb/2.0
pixel
cm.g.doubleclick.net/ Frame 063D
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPao5Iy9nBqBkJnI-OiVvOs&google_cver=1&google_push=AYg5qPJ3O_Gwj0qqB2KwFNFr...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3O_Gwj0qqB2KwFNFrlVWfKID5XT8lQt-7laNR4szoBukF1zLX97j-s2Z5HwyW4Rh4FNHnuwWtY-PFRzNGW6M5de1ah9w&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3O_Gwj0qqB2KwFNFrlVWfKID5XT8lQt-7laNR4szoBukF1zLX97j-s2Z5HwyW4Rh4FNHnuwWtY-PFRzNGW6M5de1ah9w&google_hm=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:25 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3O_Gwj0qqB2KwFNFrlVWfKID5XT8lQt-7laNR4szoBukF1zLX97j-s2Z5HwyW4Rh4FNHnuwWtY-PFRzNGW6M5de1ah9w&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 22 Oct 2021 08:59:25 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 063D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I097TeoYpuDXllkM5ZxU9cfQ-GVKBOt_ZvMtv6uZuTLJL7eRvVDB2lPnZV_nTPuxXCNPxCMw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=250&slotname=3432735637&adk=2975983763&adf=3075858239&pi=t.ma~as.3432735637&w=300&lmt=1634978205&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979562792&bpp=15&bdt=3940&idt=15&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C774x280%2C774x280%2C1005x90&nras=2&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1071&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&psts=AGkb-H_4dH_dVWFOD-b4BiafKvyo-vOCy7FI682fR0bxLEJpw-rLo4rsfRAyX4n5EZTPBTKxhQxqftoHXBBDjpiP9w%2CAGkb-H_y1BaSpQE4KVgtcRjCuhdabW0l5vAHAJofFPPzQbUHkoa4KVRzkcz3EjN8xMwHv6D41CgdyZkGkiLtqaWSLQ&pvsid=856942039232348&pem=947&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=f0Mh97GyuP&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame 72CA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
36049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ea9a49e96349e3bdcec138c13a65fe3e1c59b0d1530eae54c754c1a94c66af5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 08:59:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8558
x-xss-protection
0
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame BB4C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
36049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 23 Oct 2021 08:59:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5E23 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 22 Oct 2021 14:42:02 GMT
expires
Sat, 22 Oct 2022 14:42:02 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
65843
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame DDFD 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
93a12e23a6baee5c57b328bc210239f7b2ebad812b99753d1f4d913dd60f8442
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IzDTLg9PefSkkQG819BbWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tinhottrongngay360do.blogspot.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=m8ynetHigfZu-zEmvqPZqVClP8GwJh7gmJjVYpcEj_opyUjLMCEro7JtrUbsTLwbjsk5rCps1DlPVFToW5rwq33CO6bvcrZfbq4nYIXul3JE4op49f3g_2xiCuGcFS5JzI9Sez2QFQDJyMOhW6dpPZQn6jwJ8lg1TluoQBBv_Ak
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 23 Oct 2021 08:59:25 GMT
date
Sat, 23 Oct 2021 08:59:25 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-IzDTLg9PefSkkQG819BbWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/pagead/ Frame DDFD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=856942039232348&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
/
c.mgid.com/pv/ 		0
281 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1634979565893267687137&uniqId=0bbfc&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&lu=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&sessionId=6173ceee-0a2de&pageView=1&pvid=17cac605146b7e6d129&site=514431&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.824436.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6a29c4f01f3f4114-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame 5E23 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
36050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
content-encoding
br
cf-cache-status
HIT
age
4493
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
26D5PESFJ3W3C6DA
x-amz-id-2
eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a29c4f08fc04114-PRG
expires
Sun, 24 Oct 2021 08:59:26 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
content-encoding
br
cf-cache-status
HIT
age
4497
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a29c4f08fc24114-PRG
expires
Sun, 24 Oct 2021 08:59:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 72CA 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-kCB7M5zYdXdBImk3wPMrYNAAAAAADgB4AQC&bg=!VlWlVRHNAAbUs_yW1LM7ACkAdvg8WihDnar39yXYLulPFgqq2n7RlP9kEp1C6O163VS581HB9mJHVgIAAAI8UgAAAExoAQeZAxKzOkzsENz_NnOyo5Wj4vylrLBQSA4pui3yGAORECMfghHIl5f1toMbDS5wwZepKVpnYEIrGg6klTDAeV_et0Q6QWV1Dd7V-18-hBXM57ydcrgXK18tvJk3srrDN-YKvbgK_7RUnQ22Rn8BCDuwfNFMo-2lV21-pXmMrRRSr6_xrMBL7LVhdYkxH4Q7KkThilmGdmuuDkZHr6BEeRDgwgOV-H0IBDx8CquZBk-NbYoJZ9FE6Q-frO5QBoiTZSyjIbZwzNghUZszGCD4azVFq-4uXdQHxbe30ppf2fOrkt6N_ENft-YqFBKjbfgBbgXvYLmVC66UkrJLxUl8iB8tVMNcuLy9Wu_YlD7jemb9vAcjv53L1qSbaT1FHlVHGdwuN7ntUGEhBEyR3KM_0IZCfmCrZXxW8psThrjxcFesze5ZdRPgnDB7qhgK57shINu-rPQdoinGyNG_Ir4j_e3ESaO9wL4eSERNDSUIvLWojOUa46JygBFnjuA1XX6CeTsd0NH90k7n4YqoSKWW3S0jwfp_MuJmW7M4RiH6ffLlW8kT2ovFoqO9ovwPyv8JHjTrg3ZHtY4uH-TZpXVqihRaW1RF4p_rB2HfGbtwGCZsbz8ztSSZi3Q-C2DyqsxC6xpw109uik0o_8YERCERnVO6OML2QYb7ZmbTAbzNN1n6lLp4nkIrdM38IZfy5M7WL-APnmC4rjWiqSSzOUg5A9ZLw-lCUXy5KO1I5kvK2xUCKLbgAWCb9i2lKBwRaYHdxn9sz6ukryN_KtXSGyCXk4dKzULmTA_TG93Uq54Sd7P16c5fGVk0xf-dtzq47Lm00qp_YlpIMi33yIQC8zKR9n9YVucpl1R3jEdt_U0HhAcgHaLGw9SvAGiErwsYgwGjE12sluw3XkDkjNZd4R2N_hE8tghtKwxLjGDBcBiX2i4rfThuKVlK0TBcvXRejQ8WwZPL-N-24J3hQ8_jubblrNxKSveMlKQHf4h8zpyr_WVvt7O5djCxKBfdCHBhr0fBEOZxc5cE34TRCAJDDUYrcLmt-VLJx54
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
servicer.mgid.com/824436/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/824436/1?pv=5&cbuster=1634979566361175350564&uniqId=0bbfc&niet=4g&nisd=false&jsv=es6&w=268&h=581&cols=1&ref=&cxurl=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&lu=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&sessionId=6173ceee-0a2de&pageView=1&pvid=17cac605146b7e6d129&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.824436.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a51466374b113282feebeda7c88fba5fe87322f83b99dfdf40653f9ca2f774e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6a29c4f30b214114-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/866434/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/866434/1?w=1600&h=722&cols=4&pv=5&cbuster=1634979566362753280292&uniqId=0d555&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&lu=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&sessionId=6173ceee-0a2de&pageView=0&pvid=17cac605146b7e6d129&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd40a717df08da2561148e6dce4a78aa076bc0d2747e2e018300b475b13a2413

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6a29c4f30b234114-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
activeview
pagead2.googlesyndication.com/pcs/ Frame A9BA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshd46PV0y8BRf9GUPaBBn5q7nX7ZCTeEgTl_Fxrvc3B9vb3bWd33aRQ7-szqCC2HZT8ZiC5Cv-32vir3n1Qq4N_uSmVIk5HxC4oVZJ_3HP5hkiyG0&sai=AMfl-YSxJNZ59biescqPqohZPwqGRcJxufwItJYCCy1Qjq_HFjf8vbcq8zVXShqtX0J_SaOyhgdyCQTrnpNo4U_xTCBNvJGAOO7G25o&sig=Cg0ArKJSzJaoUCtcQfhIEAE&cid=CAASEuRoj07_Euu3tneM-l9nFC-ZKg&id=lidar2&mcvt=1032&p=0,0,254,300&mtos=0,1032,1032,1032,1032&tos=0,1032,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2975983763&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634979562818&rpt=2497&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB4C 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bnqtx7M5zYfXjEt6r3gOrwZdoAAAAADgB4AQC&bg=!FBelF1PNAAbUs_yW1LM7ACkAdvg8WgHkYJAsQLqEsOaks-nln6eEWAm7mjN2vGyyDILS9meaWtpNWgIAAAJOUgAAADpoAQeZAy_YvwsBB1RJHhXpnESv-FxpfOxt4v2Unvy69ikOt6sgpeCrd4xmn8g-ldBsB60QjMtcWx7ujCIQ57t2Y-A5c-6omp5ZN3k12alq3qqcMeajD0b5lVFQ0B9UzQpLvB12fHzFOwVpzalq1KJczUe9dHsGXj-MixulzG9kT25vo-cXIq5BAkBdM4xq38KXgN3LVWtlgyQK7Sl7CD8DXscM_CH2kSakVWsLqBZqWIQcdHoDKOLZNvFHkDCH15vloJlZ5CpTawzv_WiFYTbfRcZG1TymXWw6jqcOl6S_D9TTvdJH80mG3bWpbhK_8pz1GtG-Du9vzLE1k3gurIYBwtJjyh_QZfSFGrhqVaevMWk6cWW0ySb3rwxAm8EWqlg5NDTBJ4LkqwD3GGLQYvgPJzHaCWTOqHLK5GcMBbnn9JWNwBzdep1qFfaaJRcL-vdE9nkkEDnsZsz4nLbU1PJVd2ANMHyRBXsNyJRwfrzxokxc1vTrCeqX86U7kR7uZxVPe2SA-NboAyk5scutYX4VOMpvWsCbWuWlWUSMdLRITdCjnChhZJowu5DrbH8ODdn9kVM__u80HgwJz6GG8nBycOG9MjRn-s842Sk5GbRBSJqgrBpagnGVz-xT4i6jzWRNNaIfA8_tQADJJU7a7e9pYBrfxjJytcjyHBOQIzHlqXja1qLY1BRbCImPkusnw2oSsySwI1_qh1_62FoMLgyCGlRZ1JGzjr-G4q1X0hj3shI0MjfRxu3KgqA15B4PIBTaWTQoO6h2nA5txzDWCTiw7DdQyGxMmOks33OOI4pp0eturvEGnv7d482nucucZdQcCvx4plAxGJfDoqOa0aCsq0UdtWumu6v0kkXkC8y9yUljqKNz_7CpbZ6bANBh2wT-f0BW9bVUGwG2BBN4FqOFeN4ZN-IOX03vTBuabPWKwjUZuchmHE_7o375tfS4N-79I3pKWhPKET1BVAJeECrnBvXhnxeokyfDWg7W2PFvtdoaeHiVQoJXbbHmZn3jdlsPx4nyWrGisfESCMkytDv84zGa7FJv8RyrMSsoU1ppvv2fAme9eHtJA-GDtQ11FMux9bQ6fQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
content-encoding
br
cf-cache-status
HIT
age
4493
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
26D5PESFJ3W3C6DA
x-amz-id-2
eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a29c4f3efd14120-PRG
expires
Sun, 24 Oct 2021 08:59:26 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
content-encoding
br
cf-cache-status
HIT
age
4497
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a29c4f3efd54120-PRG
expires
Sun, 24 Oct 2021 08:59:26 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/492x328/0x311x684x456/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193525/492x328/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1634979566--RjWzLl3039GcgLF58O4njoG86E7rIO_QP0YJkGwrBA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed6f53bbe2887a04797000ea4fb50051fd5d302ef46a27c369bce51f7f4a159

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 10:23:05 GMT
x-mg-request-uuid
2cb9ea03-ac0c-4362-99bc-97a66767c95c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f428ed4126-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16586
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp
s-img.mgid.com/g/8164901/492x328/0x65x849x566/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164901/492x328/0x65x849x566/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp?v=1634979566-_E7iCVBtyffqpRPRYwPOOjmzT2AJZ8cIYOUHfpT2vE8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ef66b1e382dc94c0a75f7fee02d17c0421830f47d55899ba57bbdabaf8b5f1

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 10:23:06 GMT
x-mg-request-uuid
7ac49289-5f4b-4ef1-a018-90a0fbd1e5f0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f428ef4126-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14470
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp
s-img.mgid.com/g/8052388/492x328/0x0x672x448/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8052388/492x328/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1634979566-mOmeJwvq7yHY119a8K6FbOBv0TLTvfBNhHGcqSOS00c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78da09cf28eca88ec0e8e8311ba0d76882e6cd3f598ee6abd7127de8aa2243f

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:02 GMT
x-mg-request-uuid
466a9581-c1da-49d3-b06c-a4c5e5daf9c6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f428f04126-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23018
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.mgid.com/g/8193526/492x328/0x26x798x532/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193526/492x328/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1634979566-1sJnouI4hHTOTxgBLclvB7m4Tdor897Jzvv_TsvQgJg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
328df6c6e2f817f5200362d19822d6b995fc8baf01ba8b49f267e5cb65f1c5cf

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:54:46 GMT
x-mg-request-uuid
3594033c-c811-4222-a944-71ace4283762
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f428f14126-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19280
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp
s-img.mgid.com/g/8193537/492x328/0x168x510x340/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193537/492x328/0x168x510x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1634979566-a94eKlZ06kxhyziW3VV0zedJUL6b1Ewzxm39fOAjW94
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80521fa17e3eac65f94cd9f97428bbb4fecbd82101c1a2dba5c7b0bcdd01e863

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Oct 2021 10:56:59 GMT
x-mg-request-uuid
2dcead87-3dfa-4e2c-b35c-f51ca6ce302f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f428f54126-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
48248
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
s-img.mgid.com/g/3805664/492x328/0x0x640x426/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805664/492x328/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1634979566-ZQfB_iu3OZHLzTY8BiNs80lKuTeETjHAyC8P3-7bl4c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5304bc525ec5c2300964c1be915ad25a164a2d681ddc072f75ba922bd524b2

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 14:23:36 GMT
x-mg-request-uuid
c7f6f902-7769-4c3b-83cc-faa599ef9b73
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f428f44126-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24104
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.mgid.com/g/8164865/492x328/0x0x900x600/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1634979566-afpLRSU37l0K4VjMpJw7GZUsB-xhpDeXBEJ8gcIupH4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Oct 2021 19:13:54 GMT
x-mg-request-uuid
9a534c5e-9947-4def-81cd-9f38449fbc3c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f4a9e3412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21960
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2Y2Yzg1MjI0ZjVlMDU4MDU1MGQ2ZDg2OGU0NmUyOWQ1LmpwZWc.webp
s-img.mgid.com/g/8193524/492x328/0x0x901x600/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193524/492x328/0x0x901x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2Y2Yzg1MjI0ZjVlMDU4MDU1MGQ2ZDg2OGU0NmUyOWQ1LmpwZWc.webp?v=1634979566-3zLojTvCboEXFZzg6wkPRqvwqWssvxuaXIlqhYGTayc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d9552218730ff2408471ece143284c7abc5e35137e50a3dcd6efc374c1fcfe4

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Oct 2021 07:19:48 GMT
x-mg-request-uuid
4477ef10-ea75-44dc-8daf-452e2ee4ed79
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f4a9e6412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24108
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp
s-img.mgid.com/g/5097644/300x200/98x0x926x617/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097644/300x200/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp?v=1634979566-5gSd7k6wmQE8hwXFl9U_ehtJOqkTiOAIo9rTb49-sSc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ccb000fa0da2a9e92c3e09d0fb2f452310abb30312b299ea3747a4d62df36d

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 14:27:37 GMT
x-mg-request-uuid
a44e6a93-6eeb-43eb-85ba-aafabac75a21
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f4a9e7412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14404
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/300x200/0x0x492x328/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164883/300x200/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1634979566-6ublXvSnFEfy46_B1RHLk6s0BNS2s6eky5tZIyKpCSc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f18af9893b7eba52ce424864d7bfef02be0bcdfca6e7a23c7d7ed170722fb01

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:26 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 10:28:56 GMT
x-mg-request-uuid
563c55c5-9bcd-4f30-bad6-b252ff38bb0f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f4a9e8412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5938
server
cloudflare
gen_204
pagead2.googlesyndication.com/pagead/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=856942039232348&bg=!pqWlpeHNAAbUs_yW1LM7ACkAdvg8WpL9eQWmfJyfbj_JUdQMInHbIMUqF3utcSjGtSl9GRwlYBMC4QIAAAG2UgAAADloAQcKAM5LyMvIDA-ijwzAlq0Ymi5w2VIJi9lrEPOmmmvfIpjEE4iM9MMCrTllr7OOFltMsbPch4DcRnV_sZutpE60tLc4bMWvHgHK3QzE8OECpor6Zqtpme7OZlN7j4BEGKcIVbaGd5OQh-KteC3s77xxXo2LdVFW_X08F_V3g3WP4dt7HHP0HV8BLOoIUK3C8ZNiFDsZ9X27yHt6jCC613qRpk_pYibzmLBB2Up-oM99zUEaUvzpTV2Mgpz76yy_7knQ9XoSOlcnUy9GdK8aF31LE5kCvN7HjGGHpQsFmlGe4bBKHUpTH6bmvVy4TOldgTys3RCDiu98Ui_S1T4PXx-81xea6uR9Oso3ICT9Ais2qIkqQUKnnOgFh--mQVyNx_vxGJNM9HlEahrE4ZSPVgDJXI1GPbHNrj9vwqQ8JD1YGSY5w-g6vfaEy4ELHHBj1kqYmA1rO21hm31mA16wEBP-CEWjnTTgceGmSM8OZrXk4jtBAXTogyUWU1OJ5s43-FkYdeClGsDD7y9FrjMMJ2ZxeQrv7swvdhG0I7Y56Bg1cxCAO0JsFEYFD7S11yydqUkPdKVgjXj3gyHK9_CKo2DQw8M7UtBbsK_Zpa8nmLTTkCIYn-8yucfrwOoe3jJMuMD7zxcgOow8rAP9xO_EBapeY-dHjsSmx8Qow7iiQoEaDqWqV7LgOzbDTCC8dOUkQXcJN7gFeGLWs9R4sSPnB0V9v7Kvi89k_RCM9sI5f81z9EMD6xy5wuSUE9vdFwOjzBntRQGaIJ4AD561_sNIeO7x9q98RUWwbmZCRDjM-7jEbezzfNNWPWXhFnWJzp5rJpEuBrzLqAC4IKYx3VuFxBi-ETUa2_w9evphaOth1rZ0qnppbAbxfK7jgt8YZLh3lLYvAd6XvJjybLIKtrMsJr3jGhTYuvNAo5F_TQzPw-tfl63hJoK5nQeH0tmTEOgCnibEbHxAx6gA1GRDvVktV_b_0b8qgAZDdHH1HmF7Fca0s55wKq64WDMgXVmLztGT6kZyEBgh7Fng60GnAS17osari9QlIPU_SqCfGLJGKT2C5dANm2QKdzlIee5tx5q_hmoAGpjtpGDSzvN8xOJDO4NDDHAGIj48PsqZrUXLJ6tNXkAnttNOLKO7NIgPqZOTib2Y3xky01ffhDFc5FoY-Hcz4SlzOR7lIUM_QpWCNcBgZq3sQ0L8Hy97spBRZOgoLQ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.js
cm.mgid.com/ 		2 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1634979566740186381942
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6ef3c88cad30df30cfabd1290d76ab168c3507534090e562a52297483c5b8d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a29c4f56eaf4114-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame D9E3 		19 B
158 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1634979566807743391091
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a29c4f5cf2e4114-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
usync.html
eus.rubiconproject.com/ Frame E119
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1634979566740186381942
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tinhottrongngay360do.blogspot.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Oct 2021 08:59:27 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Sat, 23 Oct 2021 08:59:27 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync.html
s.adtelligent.com/ Frame 92E6 		1 KB
901 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1634979566740186381942
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.178 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tinhottrongngay360do.blogspot.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/

Response headers

Server
VertaMedia 1.0
Date
Sat, 23 Oct 2021 08:59:26 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://tinhottrongngay360do.blogspot.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=6ae8e45d-7053-4432-bbda-f55baebabb8e
43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=6ae8e45d-7053-4432-bbda-f55baebabb8e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a29c4fa2fcb4120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=6ae8e45d-7053-4432-bbda-f55baebabb8e
date
Sat, 23 Oct 2021 08:59:27 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=MH4b793EYhuEzq4rF2CsXsa7&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=d736cbd9-16ce-4bf4-b0d7-265173ee897c&gdpr=&gdpr_consent=&us_privacy=
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=d736cbd9-16ce-4bf4-b0d7-265173ee897c&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a29c4f76c8b4120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=d736cbd9-16ce-4bf4-b0d7-265173ee897c&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 23 Oct 2021 08:59:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
cm.idealmedia.io/setmuidn/ 		0
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l9nqFHyZF6X1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a29c4f66a2d412b-PRG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
match
s.pubmine.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l9nqFHyZF6X1
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l9nqFHyZF6X1
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=d736cbd9-16ce-4bf4-b0d7-265173ee897c&ssp_data=&gdpr=&gdpr_consent=
43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=d736cbd9-16ce-4bf4-b0d7-265173ee897c&ssp_data=&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.33.106.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-106-135.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

Location
//s.pubmine.com/match?bidder_id=1&external_user_id=d736cbd9-16ce-4bf4-b0d7-265173ee897c&ssp_data=&gdpr=&gdpr_consent=
Date
Sat, 23 Oct 2021 08:59:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
cm.lentainform.com/setmuidn/ 		0
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l9nqFHyZF6X1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a29c4f66c354119-PRG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlucUZIeVpGNlgx&muidn=l9nqFHyZF6X1
  • https://cm.mgid.com/google?muidn=l9nqFHyZF6X1&google_ula={guid},5&google_gid=CAESEPgKJOUXUCxx0gNUKPqs55o&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l9nqFHyZF6X1&google_ula={guid},5&google_gid=CAESEPgKJOUXUCxx0gNUKPqs55o&google_cver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6a29c4f65b4b4120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l9nqFHyZF6X1&google_ula={guid},5&google_gid=CAESEPgKJOUXUCxx0gNUKPqs55o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l9nqFHyZF6X1
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 08:59:27 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=e69c81ff-b131-47b5-8d9d-ea753d81e8c5
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=e69c81ff-b131-47b5-8d9d-ea753d81e8c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a29c4f6cbc94120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=e69c81ff-b131-47b5-8d9d-ea753d81e8c5
date
Sat, 23 Oct 2021 08:59:27 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=7QXNiJWKiHta4A6K2ERO&pi=mgid&tc=1
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=7QXNiJWKiHta4A6K2ERO&pi=mgid&tc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a29c4f6aba94120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=7QXNiJWKiHta4A6K2ERO&pi=mgid&tc=1
pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT, Sat, 23 Oct 2021 08:59:27 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=6f6ad411-ce1d-4148-928f-e113e846e58c&ttl=1637571567
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=6f6ad411-ce1d-4148-928f-e113e846e58c&ttl=1637571567
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a29c4f73c4a4120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=6f6ad411-ce1d-4148-928f-e113e846e58c&ttl=1637571567
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
mw
mwzeom.zeotap.com/ 		95 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=l9nqFHyZF6X1&zpartnerid=1532&zdid=1532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.25.87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://tinhottrongngay360do.blogspot.com
access-control-allow-credentials
true
cf-ray
6a29c4f6788e4113-PRG
access-control-allow-headers
*
content-length
95
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 19:06:14 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
49993
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
TbL2X2eBsexSKRhTi3T7I0yIB5xOSBUzz0taefHnkggwJ3Rc1tGL2w==
usync.js
eus.rubiconproject.com/ Frame E119 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 08:59:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32043
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Sat, 23 Oct 2021 17:53:30 GMT
khaos.jpg
token.rubiconproject.com/ Frame E119 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634979567056&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634979567056&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9=
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634979567056&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
-daWV0Hq7e4TSMJkHcADtFhs27pQB33n60C_HfM9TZfTpH_voWXO5Q==

Redirect headers

date
Sat, 23 Oct 2021 08:59:27 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634979567056&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9=
content-length
211
x-amz-cf-id
kT-HUc3UdzgQuwyL-XewriTYdYP6x39SGZyGv5O0dalCNoFbW9CsCw==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634979567058&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634979567058&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9=
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634979567058&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tinhottrongngay360do.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
_gerUWJ5Q2Qj-sttpZJe04yhHUYGODiGL6S9vwljIRIStFCM-3D81Q==

Redirect headers

date
Sat, 23 Oct 2021 08:59:27 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634979567058&ns_c=UTF-8&cv=3.5&c8=TIN%20HOT%20TRONG%20NGA%CC%80Y&c7=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&c9=
content-length
211
x-amz-cf-id
zSniyANIpBPP9VO15qm1-TZI0y-GudALhRsZk4rYU6ObLuSqpmqemg==
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/492x328/0x311x684x456/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193525/492x328/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1634979566--RjWzLl3039GcgLF58O4njoG86E7rIO_QP0YJkGwrBA
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed6f53bbe2887a04797000ea4fb50051fd5d302ef46a27c369bce51f7f4a159

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 10:23:05 GMT
x-mg-request-uuid
2cb9ea03-ac0c-4362-99bc-97a66767c95c
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f76df5412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16586
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp
s-img.mgid.com/g/8164901/492x328/0x65x849x566/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164901/492x328/0x65x849x566/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp?v=1634979566-_E7iCVBtyffqpRPRYwPOOjmzT2AJZ8cIYOUHfpT2vE8
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ef66b1e382dc94c0a75f7fee02d17c0421830f47d55899ba57bbdabaf8b5f1

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 10:23:06 GMT
x-mg-request-uuid
7ac49289-5f4b-4ef1-a018-90a0fbd1e5f0
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f76df6412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14470
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp
s-img.mgid.com/g/8052388/492x328/0x0x672x448/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8052388/492x328/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1634979566-mOmeJwvq7yHY119a8K6FbOBv0TLTvfBNhHGcqSOS00c
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78da09cf28eca88ec0e8e8311ba0d76882e6cd3f598ee6abd7127de8aa2243f

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:02 GMT
x-mg-request-uuid
466a9581-c1da-49d3-b06c-a4c5e5daf9c6
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f76df7412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23018
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.mgid.com/g/8193526/492x328/0x26x798x532/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193526/492x328/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1634979566-1sJnouI4hHTOTxgBLclvB7m4Tdor897Jzvv_TsvQgJg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
328df6c6e2f817f5200362d19822d6b995fc8baf01ba8b49f267e5cb65f1c5cf

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:54:46 GMT
x-mg-request-uuid
3594033c-c811-4222-a944-71ace4283762
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f76df8412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19280
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp
s-img.mgid.com/g/8193537/492x328/0x168x510x340/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193537/492x328/0x168x510x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1634979566-a94eKlZ06kxhyziW3VV0zedJUL6b1Ewzxm39fOAjW94
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80521fa17e3eac65f94cd9f97428bbb4fecbd82101c1a2dba5c7b0bcdd01e863

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Oct 2021 10:56:59 GMT
x-mg-request-uuid
2dcead87-3dfa-4e2c-b35c-f51ca6ce302f
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f76dfa412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
48248
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
s-img.mgid.com/g/3805664/492x328/0x0x640x426/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805664/492x328/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1634979566-ZQfB_iu3OZHLzTY8BiNs80lKuTeETjHAyC8P3-7bl4c
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5304bc525ec5c2300964c1be915ad25a164a2d681ddc072f75ba922bd524b2

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:36 GMT
x-mg-request-uuid
c7f6f902-7769-4c3b-83cc-faa599ef9b73
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f76dfb412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24104
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.mgid.com/g/8164865/492x328/0x0x900x600/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1634979566-afpLRSU37l0K4VjMpJw7GZUsB-xhpDeXBEJ8gcIupH4
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Oct 2021 19:13:54 GMT
x-mg-request-uuid
9a534c5e-9947-4def-81cd-9f38449fbc3c
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f76dfd412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21960
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2Y2Yzg1MjI0ZjVlMDU4MDU1MGQ2ZDg2OGU0NmUyOWQ1LmpwZWc.webp
s-img.mgid.com/g/8193524/492x328/0x0x901x600/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193524/492x328/0x0x901x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2Y2Yzg1MjI0ZjVlMDU4MDU1MGQ2ZDg2OGU0NmUyOWQ1LmpwZWc.webp?v=1634979566-3zLojTvCboEXFZzg6wkPRqvwqWssvxuaXIlqhYGTayc
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.866434.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d9552218730ff2408471ece143284c7abc5e35137e50a3dcd6efc374c1fcfe4

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Oct 2021 07:19:48 GMT
x-mg-request-uuid
4477ef10-ea75-44dc-8daf-452e2ee4ed79
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f76dfe412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24108
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp
s-img.mgid.com/g/5097644/300x200/98x0x926x617/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097644/300x200/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp?v=1634979566-5gSd7k6wmQE8hwXFl9U_ehtJOqkTiOAIo9rTb49-sSc
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.824436.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ccb000fa0da2a9e92c3e09d0fb2f452310abb30312b299ea3747a4d62df36d

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:27:37 GMT
x-mg-request-uuid
a44e6a93-6eeb-43eb-85ba-aafabac75a21
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f76dff412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14404
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/300x200/0x0x492x328/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164883/300x200/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1634979566-6ublXvSnFEfy46_B1RHLk6s0BNS2s6eky5tZIyKpCSc
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinhottrongngay360do.blogspot.com.824436.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f18af9893b7eba52ce424864d7bfef02be0bcdfca6e7a23c7d7ed170722fb01

Request headers

Referer
https://tinhottrongngay360do.blogspot.com/
Origin
https://tinhottrongngay360do.blogspot.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 10:28:56 GMT
x-mg-request-uuid
563c55c5-9bcd-4f30-bad6-b252ff38bb0f
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a29c4f76e00412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5938
server
cloudflare
m
cm.mgid.com/ Frame 92E6
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
  • https://cm.mgid.com/m?cdsp=617666&c=0f3c0c9ec823cde7
43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=617666&c=0f3c0c9ec823cde7
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a29c4fb08e14120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
https://cm.mgid.com/m?cdsp=617666&c=0f3c0c9ec823cde7
Date
Sat, 23 Oct 2021 08:59:27 GMT
Server
VertaMedia 1.0
Etag
0f3c0c9ec823cde7
Content-Length
0
/
pebed.dm-event.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Origin
https://www.dailymotion.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Server
edward-ed/2.2.1
Date
Sat, 23 Oct 2021 08:59:29 GMT
Content-Length
0
/
pebed.dm-event.net/ Frame B3DA 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.vendor.f3aa841d61face627810.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Villepinte, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/embed/video/x5tc271
Accept-Language
de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 08:59:29 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
dc_oe=ChMI1_Pwv5Xg8wIV1RMGAB04JAB1EAAYACDCwZxMOhoI-I_4xgEQmM7C1-ADGJKJzt4DIOni6t70DkITCOq0zL-V4PMCFSqF_Qcd_isJAg;dc_rmcid=CAASEuRocxiKRlUP7PIA32SMg-uRQw;eps=CIBhEAEYXw;met=1;acvw=sv%3D20211013%26cb...
ade.googlesyndication.com/ddm/activity/ Frame AE56 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1_Pwv5Xg8wIV1RMGAB04JAB1EAAYACDCwZxMOhoI-I_4xgEQmM7C1-ADGJKJzt4DIOni6t70DkITCOq0zL-V4PMCFSqF_Qcd_isJAg;dc_rmcid=CAASEuRocxiKRlUP7PIA32SMg-uRQw;eps=CIBhEAEYXw;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,151,273,624%26tos%3D7534,0,0,0,0%26mtos%3D7534,7534,7534,7534,7534%26amtos%3D0,0,0,0,0%26mcvt%3D7534%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7696%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D1%26dur%3D30037%26vmtime%3D7710%26dtos%3D5464%26dtoss%3D2%26dvs%3D5464%26dfvs%3D5464%26dvpt%3D5464%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D7534,7534,7534,7534,7534%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D507336942%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7534;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1634979561781;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame AE56 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDxro6c5zYaqcAaqK9u8P_tekEIDyjvRl6eLq3vQO8C4QASCnh5wtYMkGoAH-7ra5AsgBBagDAcgDmwSqBJwCT9BBfvwLquYD-2Ia60FStNJZ8EN5OhFso95EReJWitS_Vl9F0UD8jE-WCMQgzyFPBsIPtey4hPJnZxr0_-KmqMOTiWLDVF0D79cW8zHNAqo5ukL9Hng2oqFaXq6rbmev2BB1B8YoA8BpeHV9YHy_rFB_1Yfh7Et0RB4XVV8nNKdROVW9mBFN9fy2cd66n38J4fUmL66Fb0bvtDiHtcui8XLW0baq0c7gjR4yrwJfL17z_eFV6AUrz1RhRuPIkSq-kix_epCdyBXxSGWa-1qtNzG588ADkkNXQ69Q6YjSEu4Ohv3_soXeE6pt1Ymw5On7nWOBrRxC1SltNVX7LdpEiGQqz76A-_KVYPKtXa7DrK5fZX4EeAUISjYHtCzABJjOwtfgA-AEA5AGAaAGToAH6pDJxgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGF-ACgGYCwHICwGADAGwE_nPgA3IE5KJzt4D2BMKiBQD2BQB0BUBgBcB&sigh=B3xBSsQnnGQ&label=videoplaytime25&ad_mt=7710&acvw=sv%3D20211013%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,151,273,624%26tos%3D7534,0,0,0,0%26mtos%3D7534,7534,7534,7534,7534%26amtos%3D0,0,0,0,0%26mcvt%3D7534%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7696%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D1%26dur%3D30037%26vmtime%3D7710%26dtos%3D5464%26dtoss%3D2%26dvs%3D5464%26dfvs%3D5464%26dvpt%3D5464%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D7534,7534,7534,7534,7534%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D507336942%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7534&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1634979561781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI1_Pwv5Xg8wIV1RMGAB04JAB1EAAYACDCwZxMOhoI-I_4xgEQmM7C1-ADGJKJzt4DIOni6t70DkITCOq0zL-V4PMCFSqF_Qcd_isJAg;dc_rmcid=CAASEuRocxiKRlUP7PIA32SMg-uRQw;eps=CIBhEAEYXw;met=1;acvw=sv%3D20211013%26cb...
ade.googlesyndication.com/ddm/activity/ Frame AE56 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1_Pwv5Xg8wIV1RMGAB04JAB1EAAYACDCwZxMOhoI-I_4xgEQmM7C1-ADGJKJzt4DIOni6t70DkITCOq0zL-V4PMCFSqF_Qcd_isJAg;dc_rmcid=CAASEuRocxiKRlUP7PIA32SMg-uRQw;eps=CIBhEAEYXw;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,151,273,624%26tos%3D15020,0,0,0,0%26mtos%3D15020,15020,15020,15020,15020%26amtos%3D0,0,0,0,0%26mcvt%3D15020%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15182%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D64%26pst%3D1%26dur%3D30037%26vmtime%3D15210%26dtos%3D7486%26dtoss%3D3%26dvs%3D7486%26dfvs%3D7486%26dvpt%3D7486%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D7486,7486,7486,7486,7486%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D507336942%26psm%3D65535%26psv%3D65534%26psfv%3D65534%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,15020;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1634979561781;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame AE56 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDxro6c5zYaqcAaqK9u8P_tekEIDyjvRl6eLq3vQO8C4QASCnh5wtYMkGoAH-7ra5AsgBBagDAcgDmwSqBJwCT9BBfvwLquYD-2Ia60FStNJZ8EN5OhFso95EReJWitS_Vl9F0UD8jE-WCMQgzyFPBsIPtey4hPJnZxr0_-KmqMOTiWLDVF0D79cW8zHNAqo5ukL9Hng2oqFaXq6rbmev2BB1B8YoA8BpeHV9YHy_rFB_1Yfh7Et0RB4XVV8nNKdROVW9mBFN9fy2cd66n38J4fUmL66Fb0bvtDiHtcui8XLW0baq0c7gjR4yrwJfL17z_eFV6AUrz1RhRuPIkSq-kix_epCdyBXxSGWa-1qtNzG588ADkkNXQ69Q6YjSEu4Ohv3_soXeE6pt1Ymw5On7nWOBrRxC1SltNVX7LdpEiGQqz76A-_KVYPKtXa7DrK5fZX4EeAUISjYHtCzABJjOwtfgA-AEA5AGAaAGToAH6pDJxgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGF-ACgGYCwHICwGADAGwE_nPgA3IE5KJzt4D2BMKiBQD2BQB0BUBgBcB&sigh=B3xBSsQnnGQ&label=videoplaytime50&ad_mt=15210&acvw=sv%3D20211013%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,151,273,624%26tos%3D15020,0,0,0,0%26mtos%3D15020,15020,15020,15020,15020%26amtos%3D0,0,0,0,0%26mcvt%3D15020%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15182%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D64%26pst%3D1%26dur%3D30037%26vmtime%3D15210%26dtos%3D7486%26dtoss%3D3%26dvs%3D7486%26dfvs%3D7486%26dvpt%3D7486%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D7486,7486,7486,7486,7486%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D507336942%26psm%3D65535%26psv%3D65534%26psfv%3D65534%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,15020&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1634979561781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9019514334839995&output=html&h=280&slotname=5887643047&adk=714886943&adf=2053454510&pi=t.ma~as.5887643047&w=774&fwrn=4&fwrnh=100&lmt=1634978205&rafmt=1&psa=0&format=774x280&url=https%3A%2F%2Ftinhottrongngay360do.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634979560657&bpp=38&bdt=1805&idt=38&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1818879106324&frm=20&pv=1&ga_vid=2038052219.1634979559&ga_sid=1634979559&ga_hid=511890155&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062422%2C31062525&oid=2&pvsid=856942039232348&pem=947&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gl1ZnP3ypL&p=https%3A//tinhottrongngay360do.blogspot.com&dtd=45
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 08:59:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1

Verdicts & Comments Add Verdict or Comment

365 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforexrselect boolean| originAgentCluster object| adsbygoogle number| numposts number| numposts2 number| numposts3 boolean| showpostthumbnails boolean| showpostthumbnails2 boolean| displaymore boolean| displaymore2 boolean| showcommentnum boolean| showcommentnum2 boolean| showpostdate boolean| showpostdate2 boolean| showpostsummary number| numchars number| thumb_width number| thumb_height number| thumb_width1 number| thumb_height1 number| thumb_width22 number| thumb_height22 number| thumb_width2 number| thumb_height2 string| no_thumb string| no_thumb2 string| Slider_numposts function| bp_thumbnail_resize function| authorshow function| $ function| jQuery function| selectnav object| relatedTitles number| relatedTitlesNum object| relatedUrls object| thumburl function| related_results_labels_thumbs function| removeRelatedDuplicates_thumbs function| contains_thumbs function| printRelatedLabels_thumbs object| _0x5ef2 object| imgr boolean| showRandomImg boolean| aBold number| numposts1 number| numposts11 number| newsize object| _0x4d4d function| recentposts1 function| recentposts11 function| fbAsyncInit function| setAttributeOnload object| gapi object| ___jsl object| mydate number| year number| day number| month number| daym object| dayarray object| montharray boolean| google_empty_script_included object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| FB object| google_llp number| j object| img number| maxpost number| google_lpabyc object| pageNaviConf function| pageNavi object| googletag number| endPage object| google_ad_client object| google_ad_host object| google_ad_host_channel object| google_ad_slot object| google_ad_width object| google_ad_height boolean| google_onload_fired object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing function| onClickBack function| _fwMsg number| qs object| jQuery17107624613264858693 object| _0x3d1d number| ww function| adjustMenu function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| _mgIntExchangeNews object| MarketGidInfC824436 function| MarketGidCContextBlock824436 function| MarketGidCMainBlock824436 function| MarketGidCInternalExchangeBlock824436 function| MarketGidCColorBlock824436 function| MarketGidCRejectBlock824436 function| MarketGidCCriteoBlock824436 function| MarketGidCInternalExchangeLoggerBlock824436 function| MarketGidCObserverBlock824436 function| MarketGidCSendDimensionsBlock824436 function| MarketGidCAntifraudStatisticsBlock824436 function| MarketGidCRtbBlock824436 function| MarketGidCIframeSizeChangerBlock824436 function| MarketGidCContentPreviewBlock824436 function| MarketGidCGradientBlock824436 function| MarketGidCResponsiveBlock824436 boolean| mg_loaded_514431_824436 object| MarketGidInfC866434 function| MarketGidCContextBlock866434 function| MarketGidCMainBlock866434 function| MarketGidCInternalExchangeBlock866434 function| MarketGidCColorBlock866434 function| MarketGidCRejectBlock866434 function| MarketGidCCriteoBlock866434 function| MarketGidCInternalExchangeLoggerBlock866434 function| MarketGidCObserverBlock866434 function| MarketGidCSendDimensionsBlock866434 function| MarketGidCAntifraudStatisticsBlock866434 function| MarketGidCRtbBlock866434 function| MarketGidCIframeSizeChangerBlock866434 function| MarketGidCContentPreviewBlock866434 function| MarketGidCGradientBlock866434 function| MarketGidCResponsiveBlock866434 boolean| mg_loaded_514431_866434 object| GoogleGcLKhOms object| onClickExcludes function| mgReject824436 function| mgLoadAds824436_0bbfc function| MarketGidCReject824436 function| MarketGidLoadGoods824436_0bbfc function| mgReject866434 function| mgLoadAds866434_0d555 function| MarketGidCReject866434 function| MarketGidLoadGoods866434_0d555 object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint514431 string| _mgPvid boolean| _mgPageView514431 object| google_image_requests function| LoadCriteoAllPlaces866434_0d555 function| LoadCriteoAllPlaces824436_0bbfc boolean| i.js.loaded boolean| i-noref.js.loaded object| _comscore function| udm_ object| ns_p object| COMSCORE

69 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgUIBhDZEA
.google.com/ Name: NID
Value: 511=m8ynetHigfZu-zEmvqPZqVClP8GwJh7gmJjVYpcEj_opyUjLMCEro7JtrUbsTLwbjsk5rCps1DlPVFToW5rwq33CO6bvcrZfbq4nYIXul3JE4op49f3g_2xiCuGcFS5JzI9Sez2QFQDJyMOhW6dpPZQn6jwJ8lg1TluoQBBv_Ak
.mgid.com/ Name: __cf_bm
Value: FG19EfPq2bnrROwvdAcIYr0Xm2fFMezO0tY7wyjAAJI-1634979559-0-AWDmqhP3KMp31cTCrJi/6gYCiHOvbpUhZTu6uGX3C7K8sOtrBPcbWN28ATrZMlVdhrrHzZAbMS1JFqUXgNs3bXg=
.doubleclick.net/ Name: IDE
Value: AHWqTUnILB-QofXVZltGiafRvJ2kO3nigU2vjhakB-CoZYslCRW16dxCWfdAsgHowNc
.quantserve.com/ Name: d
Value: EHoBCQHGJIEA
.quantserve.com/ Name: mc
Value: 6173cee9-7cd87-06d57-eabf8
.openx.net/ Name: i
Value: 36132c4c-a459-4918-97c7-b100ddcec85c|1634979561
.casalemedia.com/ Name: CMID
Value: YXPO6XFY1K0vqnImasyfKgAA
.casalemedia.com/ Name: CMPS
Value: 3210
.agkn.com/ Name: ab
Value: 0001%3Ayeb1xhuMLbFzEW%2BkTVYr4%2FiQXdRpPtuL
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMPRO
Value: 1124
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A275B7A1-80B9-4800-830A-24A9F1518079
.mookie1.com/ Name: id
Value: 10810327956848973511
.mookie1.com/ Name: mdata
Value: 1|10810327956848973511|1634979561683
.mookie1.com/ Name: ov
Value: e6efd4f05092faf0e6469f9bbc7ee482
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2021102308592100090984623321
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 6173cee9d858f7f3
.addthis.com/ Name: ouid
Value: 6173cee90001fafc9336edae17530c9afd6b0b4ef8884dd23a52
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20211023
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.agkn.com/ Name: u
Value: C|0GEgpBotpKQaLagAAAAABAQAtAQfoGAIAAQ13AQCAAQpAAAAAAAEABwAAAAABl8j7__8eAAAAAABcCV4AAAAAEu5FtAAAAAAJhyDCAAAAAB5pIlAA
.casalemedia.com/ Name: CMST
Value: YXPO6WFzzuoA
.casalemedia.com/ Name: CMRUM3
Value: 2d6173ceea2760CAESENi4JCVZ8iUlNw-YGnrPty0
.adnxs.com/ Name: uuid2
Value: 3951458067563225374
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>5uYteU!]tbPl1M>e)ZlrFUfJ+tGXxp)b:7SBMY`4rB*wLJ`z^r$YXc$TYZRvDpMbGr*bpRz*qF1`*b_$`)wm99
.dailymotion.com/ Name: ts
Value: 324810
.dailymotion.com/ Name: dmvk
Value: 6173ceeb16e68
.dailymotion.com/ Name: v1st
Value: ED0A975209C27EC9AA73BAD1AC131362
.ylx-1.com/ Name: used_ad2558629
Value: 1
.ylx-1.com/ Name: total_impressions
Value: 1
.ylx-1.com/ Name: cpa_673873
Value: 300x250_762886271_0
.dailymotion.com/ Name: usprivacy
Value: 1---
.yahoo.com/ Name: A3
Value: d=AQABBO3Oc2ECELDmMPgjb3vAJCSo4N8Vs3IFEgEBAQEgdWF9YQAAAAAA_eMAAA&S=AQAAAgDM-yP53TuYHuii-G7E95E
.spotxchange.com/ Name: audience
Value: 857b940a-33df-11ec-9cc4-1d21b9eb0206
.rlcdn.com/ Name: rlas3
Value: BYvV2o1tgrmvSSyK3lUt+XArZEgDxJwK5hVy37in6Vw=
.innovid.com/ Name: uuid
Value: 6eac2dd1-e623-4135-956f-9e434ae25636-20211023 04:59:25
.openx.net/ Name: pd
Value: v2|1634979565|vNgu
.rlcdn.com/ Name: pxrc
Value: CO2dz4sGEgUI6AcQABIGCOndKhAA
.mgid.com/ Name: muidn
Value: l9nqFHyZF6X1
.liadm.com/ Name: lidid
Value: 925823fe-49ff-40e5-a1a0-eb64b1f405b2
.mathtag.com/ Name: uuid
Value: 36dd6173-ceee-4100-818e-e72d2ea43106
servicer.mgid.com/ Name: __mglb
Value: fc02a5af8306bee686576562f78e8f80
tinhottrongngay360do.blogspot.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C824436%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634979566527%7D%2C%22C866434%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634979566508%7D%7D
.bidswitch.net/ Name: c
Value: 1634979567
.bidswitch.net/ Name: tuuid_lu
Value: 1634979567
.bidswitch.net/ Name: tuuid
Value: d736cbd9-16ce-4bf4-b0d7-265173ee897c
.creativecdn.com/ Name: u
Value: 7QXNiJWKiHta4A6K2ERO
.creativecdn.com/ Name: ts
Value: 1634979567
.e-volution.ai/ Name: v_usr
Value: 6a79ae51-d3c3-429e-93df-e855963f0dd1
.360yield.com/ Name: tuuid
Value: e69c81ff-b131-47b5-8d9d-ea753d81e8c5
.360yield.com/ Name: tuuid_lu
Value: 1634979567
.zeotap.com/ Name: zc
Value: b3b12f86-180f-4e64-7bac-afd83ad63cee
.adsrvr.org/ Name: TDID
Value: 6f6ad411-ce1d-4148-928f-e113e846e58c
.lentainform.com/ Name: muidn
Value: l9nqFHyZF6X1
.idealmedia.io/ Name: muidn
Value: l9nqFHyZF6X1
.erne.co/ Name: u
Value: MH4b793EYhuEzq4rF2CsXsa7
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjK4KrfxIOLOhAFOAE.
.scorecardresearch.com/ Name: UID
Value: 1ZSNIYANIPBPP9VO15QM1Tg1634979567
.mfadsrvr.com/ Name: tuuid
Value: 6ae8e45d-7053-4432-bbda-f55baebabb8e
.mfadsrvr.com/ Name: c
Value: 1634979567
.mfadsrvr.com/ Name: tuuid_lu
Value: 1634979567
.mfadsrvr.com/ Name: ssh
Value: !mgid,1634979567
.adtelligent.com/ Name: vmuid
Value: 0f3c0c9ec823cde7
cm.mgid.com/ Name: mg_sync
Value: {"287839":1634979567,"433145":1634979567,"617666":1634979567,"665953":1634979567}

9 Console Messages

Source Level URL
Text
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js(Line 345)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js(Line 345)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXPO6XFY1K0vqnImasyfKgAABGQAAAAB&google_gid=CAESEJTyiBWrH1op8lrBmA_X8uA&google_push=AYg5qPJfVGCNBZJtabIB3R3zvjVD6bcbTsJjd6DKhqoBNav-U1xQGGJdlXnL8dUHbJBcOzUQtC5nHL_nftivLC6g6i2JRx3Q58Y&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security warning URL: https://tinhottrongngay360do.blogspot.com/
Message:
Mixed Content: The page at 'https://tinhottrongngay360do.blogspot.com/' was loaded over HTTPS, but requested an insecure element 'http://media.tctshop.com/banner/1489553984_72533_250x600.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://www.dailymotion.com/embed/video/x5tc271
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.dailymotion.com/embed/video/x5smq48
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.dailymotion.com/embed/video/x5tc2ay
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
3.bp.blogspot.com
ad.360yield.com
ad.a-ads.com
ade.googlesyndication.com
ads.yahoo.com
adservice.google.com
ag.innovid.com
ajax.googleapis.com
apis.google.com
bid.g.doubleclick.net
c.licasd.com
c.mgid.com
cc.adingo.jp
cdn.cotavi.vn
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.quantserve.com
connect.facebook.net
creativecdn.com
csi.gstatic.com
d.agkn.com
dmxleo.dailymotion.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
eus.rubiconproject.com
feed.mikle.com
feedads.feedblitz.com
ff8c9329-a-62cb3a1a-s-sites.googlegroups.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
image-us.24h.com.vn
image6.pubmatic.com
imasdk.googleapis.com
jsc.mgid.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mb.taboola.com
media.tctshop.com
mwzeom.zeotap.com
odr.mookie1.com
p.liadm.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pebed.dm-event.net
pixel.everesttech.net
pixel.rubiconproject.com
r2---sn-4g5ednsz.c.2mdn.net
r5---sn-4g5e6ns7.c.2mdn.net
rtb-usw.mfadsrvr.com
rtb.openx.net
s-img.mgid.com
s.adtelligent.com
s.pubmine.com
s0.2mdn.net
s1.dmcdn.net
s2.2mdn.net
s2.dmcdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
sites.google.com
speedtest.dailymotion.com
spsec.feedblitz.com
sstatic1.histats.com
static.a-ads.com
static1.dmcdn.net
sync.adtelligent.com
sync.e-volution.ai
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
tinhottrongngay360do.blogspot.com
token.rubiconproject.com
tpc.googlesyndication.com
us-u.openx.net
vendorlist.dmcdn.net
www.blogger.com
www.dailymotion.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xe9o.xyz
ylx-1.com
ylx-i.advertica-cdn2.com
cm.g.doubleclick.net
104.111.215.191
104.111.242.245
104.16.199.73
104.18.10.207
104.19.133.78
104.19.136.78
104.19.216.61
104.22.25.87
109.206.161.21
13.114.212.164
13.32.121.72
136.243.35.166
142.250.184.196
142.250.185.130
142.250.185.131
142.250.185.134
142.250.185.137
142.250.185.162
142.250.185.170
142.250.185.174
142.250.185.194
142.250.185.202
142.250.185.225
142.250.185.98
142.250.185.99
142.250.186.129
142.250.186.130
142.250.186.46
142.250.186.66
142.250.74.193
142.250.81.227
151.101.193.44
157.240.20.19
157.240.20.35
172.217.16.130
172.217.16.138
172.67.137.9
173.194.182.74
173.194.188.135
173.194.79.137
178.79.242.16
18.168.50.255
18.184.251.131
185.184.8.65
185.29.134.244
185.33.220.240
185.66.200.127
185.66.200.221
185.66.201.59
185.94.180.125
188.65.124.38
188.65.124.59
188.65.124.90
188.65.124.91
192.99.8.34
198.47.127.19
2.16.107.64
2.18.232.230
2.18.234.21
216.58.212.130
216.58.212.142
217.182.200.29
23.227.137.178
23.227.139.243
23.37.42.132
3.120.169.248
3.123.215.135
3.228.100.123
34.232.192.101
34.98.67.61
35.212.212.222
35.227.252.103
35.244.159.8
35.244.174.68
45.122.220.63
52.18.11.109
52.201.138.78
52.201.15.87
54.87.152.8
63.33.106.135
64.185.232.226
69.173.144.139
69.173.144.165
74.125.140.157
74.208.203.131
76.223.111.131
87.248.118.22
87.98.252.5
91.228.74.134
013c821f6dfee23afd1e79e336a0af63b4ca4c6a70ade399be9c56d370e25e1b
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01cfbef99d4d694efdaa8da3449e43f1e165dd86d3d86a57936f24a713ea14a4
02ef66b1e382dc94c0a75f7fee02d17c0421830f47d55899ba57bbdabaf8b5f1
03109eb6077671a8b9bab375b55c32ed228b8c4588b68c29f5b87449753bd7ec
0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514
0449cc3c6561781b506e45d81c8b7aad36b1ab5dd2266e4d5883448144c27367
072a72d18f61c75df49019e216abc255d50ea01b8a7a415c59e5af7c18ce73a2
0772c774e00b6759e0087136bf28fddef535803f3c7c45112224d1a0529f499d
08b7bbed1ecbefff14209dc5e38087409a4f91d055014ce797b9cbe538c3aad1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c048a984b6e07f7610f2ee6451e47590308f6902f90639a2ec23174102bda5e
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebf9b3326b5a2bfe147c5d5283b8718fbcfd4f72320fe974d21f4e7f271a7cd
0fcecabf1a58734d3a38b2f1a6a74ee87bfd3962d7087e3839786ee30d145b5a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
14ccf85b4dca79489d653e2520093a2018d7c73e5af62715580dfea053c32a44
1682b7d512dacbecb1815f4caa19f591d0dcdc759022794d2f0e2429df34484d
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
17a2efa049ad19070f7a1ffd672d803bbbb72b528988810b3f8be2665b2db65d
18c47eb5df968cee58eb6bfe315715410b07cb631a89c5ddc2604ac58725e30e
1c29441894cea0f4a6cea7e9929906680fb09fcf678a05becdc545a44acaea22
1d0ef9d3132621a9e8ffc54ad90c783fbe4a1080421555186e2b9b35047d0455
1d959d4f91b4f867754ca942fdaf51978c488ff57a796a798e28a7a745093fff
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
1f18af9893b7eba52ce424864d7bfef02be0bcdfca6e7a23c7d7ed170722fb01
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20156f6c56dc47dc6fc709cb375305201906b57f9da4fa08cf90d6bc7add01e9
207ccc3e6060ecbc5e071bb280cac8a8582a24e16e9ddfa03bfc749c68df968c
20f3a387fbcb1f55acf43b88e0628d8caae1cce02fd5c09bbf573de755fd8ce6
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
2608889fe1fc07e81dbb2ba0131ef3141484a03213a872b393cc5750b43d4650
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e
29c582f66cbb5f975410473161ed3fe3b874cf968e816d93bc8066ad0037e712
2c7f78291ae70d6b87b58b10e145614685e4e32bcc38b60ca31d77124472857d
2e8b71c02eab4e8f960c7220574675e1ba182518df1ae5965a4e4a2fd630a8e5
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
328df6c6e2f817f5200362d19822d6b995fc8baf01ba8b49f267e5cb65f1c5cf
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
38603c9fe9f125ae14f5d0552ddc60cce3ed905b1bd4a89f727966b1d50513dc
3a51466374b113282feebeda7c88fba5fe87322f83b99dfdf40653f9ca2f774e
3ab6401f792a26330917330750bcf8d41708f8c3d791f5165cc2f65754adcbc0
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f37514d61ebde22e743cdb9cb966eea30ed97db6b54f1bed046b7071b02a63a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c60ffc418d96aa6761f9de49de0c922137fef9b4cd386770f59165d0d2a236
423255dd98112c4038b1456993c79186ae5591d3d1e814a194129b039e7b1514
4414eabdadcdac7781a0e5e45e2b2e236b5609f82e1a0f535d206025c2bb17a9
4514e2c3a8030befb0505de0aa633e5e92d84b2521939103af36426aadfe1645
46b9b836ca8efd7d05d092c5631161095d80e5181b258ddca846796a56a990c1
46cea1e05ac53c31205c3c0ce13c42d2ca7a6e3bffa679f36d17f33d2d137898
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb09e0610d89521ad525926d76dac479fc86eb3fc6dc85ba2e4f0aecf25c970
4d9552218730ff2408471ece143284c7abc5e35137e50a3dcd6efc374c1fcfe4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50164d7dc4649ee04a7ecfece3aab53ea627bb221b0c7658f495758d8a2ae166
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb
519d2b5dfadc8906e412b3f57aa7c7f75850b672dc3d14f9c42c8a8a6abfc310
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
540649854b5733a58df6cadf70c523c6d5a64f5358ded5e42ec28fbabf9a600d
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5a3a226e6f8fb8e086b933306f2b1b39440c2b83c97af9ae20b3b8fe807305ef
5ad3f4bda669c7854f49aea856dd0e8568e0ac074695f6a4f1f60c0a86022e42
5d1c0688903384d5a4ac57a129b767fbd20ce4fc2019ccf7521dd7ab67b348ae
5d877c7a0bba0e8c245383ca736887ae77569d680f0c5b7b926b09628cece511
5fe87cc9758f35025c5d07f58f39d89670c2e691b8f87774db4641c3b449b8a9
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
6582ac9001c322e1d97de3bec72bd7f8af1a8f80b98e4d6db1ac07f52ee78e1a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f
6dc7d4e4269ae5917abb11d1f4aef191440786cfbbd6bc7fdd9bf31f907b6bbb
6edd3fd929a57439ee6eb67a94728614d0961a37a8a3b75272baf354892a08de
7174a914a8c5973b0254e322575524d67a8b534d3c493333b5f9b07de6dbe5a8
71fc391acf67f1d522973e5358f7c3d46153b8b04260704f889f0ce109e24acb
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
745d921f5524a51c70a1c7e959ab7d0b91698e955c0b04aa41374c39a51c33b8
77a410b0450e5601de9d6e7d21e38a93a9f8708a80dc985a1bac243f489ab62f
77b4d43995948900e7483a31d1257d9f62ceaa9777334c6163242ba9b33ac51e
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7b517a25ccec5e4ae5dc0a0bd07c0f67bd61e713e2d7a2634d425278d5ce5e3e
7b95de39f1b5a577639f93497c3a4b8e5e81e17e8d7bd723eb887a7ce822d658
7d221ddcad8292a0020e47f3aa8aab90573e52eb5199fb81b01a1fa6a66e2e2f
7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff
7ec07b8074a5c61e02dff7e958163f4dc56a9e96ba91a1959775cbbbb6b58130
7fac3c6565e9778e7b927e3a918857f62be43e2a8dd24354bf9df2fffc56269e
80521fa17e3eac65f94cd9f97428bbb4fecbd82101c1a2dba5c7b0bcdd01e863
8069a8a23630d1c8dcf3f2880d67d75d7e9bba0d1f498ec7fffa56fa84374ae7
8190f1ddef5f0da354396519cbc58089189318425144391abf7986eb6af60cdc
8270d9ca169f877be150174284b3732f078fe08d87c180e55b25a3b8c0dc737f
82ff561e1774f0e032b7baa80469f401d0d5d7043989b3ec8797ed161cffb0e1
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
86f8cf7f2cf47ec2ea1fafc5f1f358b259011b677c882c97fe70fca068555e8d
87a5ff9908f6b9031624d7825e20a4eb74946f739947cda8bd3f3262639ec13b
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8838412fa6e7352170105f32fe30bffcdb1c049506f6870e71e3f93e60ac0a09
8993f75df2c9e0d4f49d5610f307e05200e64a37a2f14bd1b38f03915223e5c2
8ab811f027bebc7f167410cc8efb788e4c0e7b24b49370d76ba7f135fc2286b2
8ae98072d667b481678ed09f28c9c838d449c8b4e7fdeed6375cb64c903b9f8e
8d1c5b5eb2f64b5fbeb21647bff6096805ce154b6a470d86815fbefa7b9fd707
8edc35ef2802225a50853e9ea4187ee028f6c2697a249705a10b870b19f8f6bd
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
93a12e23a6baee5c57b328bc210239f7b2ebad812b99753d1f4d913dd60f8442
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
951036f01a969b7b181d7952ee802c9ab4989a447b171dabf959934e9814118a
952179de3aa005c3c429d6b269221f8f2f179b04879cf65df8d9686aa6de2f71
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
987a7916473accd47ffd7a227517e7764b547ad2d84fa85bc25f60413acb0790
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5304bc525ec5c2300964c1be915ad25a164a2d681ddc072f75ba922bd524b2
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1fbdad10e5e36c274797582a15b26038440b9354d8194e4d81611dab406b323
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a603a5b5b17a1845503de11ada8c0a9d5a88f88ed067774be29f8fd6d3beefdb
a844cab38a5712112736841a511fdaeac69a4bfddbec8224679ec3af51351aa0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0
acaea78a93cff7633c89cc3aea32d384a83b497969c68915d0c1985660802a5c
aed6f53bbe2887a04797000ea4fb50051fd5d302ef46a27c369bce51f7f4a159
af8683bdef35810e669817d34a10649f97abae62182d0b39124268b559e95bd8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3099a97a0b5afb6b70810bb2fc1486758d2ab006055d11f197356482bdd0e89
b4ccb000fa0da2a9e92c3e09d0fb2f452310abb30312b299ea3747a4d62df36d
b6f1b4ee4ab7166896918e1fbf1c69d351a5d374505dc7dfb9ffcc8610a236cc
bd40a717df08da2561148e6dce4a78aa076bc0d2747e2e018300b475b13a2413
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
bf1a182611613122e08be5c2c9b965464aec0a406ab2029ffa636de346e42a57
bf2ffe92704be1730609b331dcf2f7a39fc5bb13e24844b64acc6bf0b3698a4d
c04a996ac11fe8f8bd3b1fd1c086eb228f5b55cfecb61d5dd94074638ed40029
c39f8588079e72fbf6af0e9c8f25cfe8367a233950984638ff6f8f8c5416ac21
c4dd599f08e74ede224f2686a06637028d05ec4697888ff5eda8018b2bee6d37
c4fec02f098cb0e0b39775b78224bd1ca691b2c296ab1b2a6103c7ddb6d440ab
c55c92cc84ea81ff349ec2c4dc43694b20b7299d401bdb4313364e29d5f982a4
ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbb1abeec0baceede77ec7ae2a83e9bc51a784a8d45af600c3ade3fddbe55b9a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ccfe5937aa746cfead160b1dd3886b7fed3d73cc8476b920f10cc65b4cf48e02
cdf5542fdeca557662878a46ae932e7d9a58042e8a61c3c12e21fe13d6753618
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30ed422a23856fcfc437670d25406ec0c659882201802d47dc42a36d9f72cef
d6ef3c88cad30df30cfabd1290d76ab168c3507534090e562a52297483c5b8d4
d71d986a726a9a3b37c6a5e049fee9692442911b24fcbc115a55608634a3ebf9
d85f8442324ba9b95823d51201409158e184a5c11abadda2ddf6ec2c007fcc5f
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
d9dbe776d4dfcad6d03a0f04f6d01ff3e252f55eed9fdb6131e88c3f24d4e071
db5e28baf438ce3cc47701d6e06de50f038375ce72108b60240d5fde0d3489d3
dbc1d1a96adc2a2e301132f24afa7db91d0994bedee2aa6f6f342f99d3acdf91
e05e0cd6e07cc40ce5a92fca6cb78c2b64706a3a33f912cb26d64f8046166681
e237788fd58224a66436eebfb7424d063c8317c6271c6a9f522cc07e6979da1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42431f10bfd91e45735ac42f453297a7c47f8d9ff946654432e49d33b84c6ee
e44edab370097d8fde67cc1489439bfac3b25c7af68f1cb48b0f8372e3809e93
e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050
e578fda3845b781d5c0045ae9c5dc94257e613d1c93d5155720c10453e44e91a
e580a43541eff58379fbbfab8eadc2b181208980db84b45185350f115c6c0658
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e78da09cf28eca88ec0e8e8311ba0d76882e6cd3f598ee6abd7127de8aa2243f
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
ea9a49e96349e3bdcec138c13a65fe3e1c59b0d1530eae54c754c1a94c66af5e
ec2e67c89a14e9bb5a9803cbc613359701431b068b4894006ffb7c9ba6111329
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee2c18bf02a291b52d82f31e7513932d78787d19d59b21de279075f0145d86ed
ee958494f44b533b30218f6b0285230b5cea6114be189dd316e7661400c9105b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4513657e2548edc52a5143900dd01969a0bf43b46c204802da310c94a1ffb17
f5c8b9d03dca9880adf484f9dcd19aa6b59817d4078cfc0666cfea01cc91d113
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009
fba49434693799332c3cbf2e81e92319647efeaf43dfa6133ab4b0cebfdb4fb8
fbfa94165c6b0ab6af7f8e1328b017398ac55dc6e49b07a235e0b387f48bf798
fc9edf2321b2b2b1931c3ff5569b71a6a661530f166fef3eb0ad7718870d16ca
fe5f2a40422e9a55187b3204161cbce1ba1d03a2eb4fa971bd10451562fed99a
fe6581b7f15c23588ee28084325dbd0907fcdbf190eea8754d14421331c74326