URL: http://nuoilomienphi.com/
Submission: On November 27 via manual from US — Scanned from DE

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3031::6815:2fbe, located in United States and belongs to CLOUDFLARENET, US. The main domain is nuoilomienphi.com.
This is the only time nuoilomienphi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
11 nuoilomienphi.com | nuoilomienphi.com | 355 KB
9 googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 97), tpc.googlesyndication.com (Cisco Umbrella Rank: 149) | 226 KB
3 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 27), region1.google-analytics.com (Cisco Umbrella Rank: 2462) | 21 KB
3 facebook.net | connect.facebook.net (Cisco Umbrella Rank: 174) | 90 KB
2 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 33) | 5 KB
2 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 35) | 138 KB
1 google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB
1 amung.us | whos.amung.us (Cisco Umbrella Rank: 16137) | 312 B
1 waust.at | waust.at (Cisco Umbrella Rank: 39728) | 4 KB
1 nuoilokhung247.com | nuoilokhung247.com | 1 KB
1 googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 364) | 88 KB
36 11
Domain | Requested by
11 nuoilomienphi.com | nuoilomienphi.com
6 pagead2.googlesyndication.com | nuoilomienphi.com, pagead2.googlesyndication.com, tpc.googlesyndication.com
3 tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
3 connect.facebook.net | nuoilomienphi.com, connect.facebook.net
2 www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 www.googletagmanager.com | nuoilomienphi.com, www.googletagmanager.com
1 www.google.com | tpc.googlesyndication.com
1 region1.google-analytics.com | www.googletagmanager.com
1 whos.amung.us | waust.at
1 waust.at | nuoilomienphi.com
1 nuoilokhung247.com | nuoilomienphi.com
1 ajax.googleapis.com | nuoilomienphi.com
36 13

This site contains links to these domains.

Domain
nuoilokhung247.com
Subject | Issuer | Validity | Valid
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-09-05 - 2023-12-04 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
nuoilomienphi.com | GTS CA 1P5 | 2023-11-21 - 2024-02-19 | 3 months
nuoilokhung247.com | GTS CA 1P5 | 2023-10-08 - 2024-01-06 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
www.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months

This page contains 5 frames:

Primary Page: http://nuoilomienphi.com/
Frame ID: 346AA62EEE3462AAEDBE87B9C96A20C5
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 40FDBC7541C9075A59BC290DD7F120D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4123566304121574&output=html&adk=1812271804&adf=3025194257&lmt=1701094972&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fnuoilomienphi.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=1&asacwct=1&dt=1701094972672&bpp=3&bdt=711&idt=163&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6070252823729&frm=20&pv=2&ga_vid=515758291.1701094973&ga_sid=1701094973&ga_hid=1025092577&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44809317%2C31078297%2C44806140%2C44807763%2C44808149%2C44808285%2C44809053%2C44809071%2C318512601&oid=2&pvsid=344395965004858&tmod=146051349&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=177
Frame ID: F5570DC107085A9089B61B94530F7C9D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 086D5FE8D891E5913182C688E8762163
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9B4131C52F4890E663EC20B6C0DE019B
Requests: 2 HTTP requests in this frame

Page Title

Soi cầu 247 - Soi cầu 88 - Rồng bạch kim - Nuôi lô khung

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36 Requests
72% HTTPS
100% IPv6
11 Domains
13 Subdomains
15 IPs
2 Countries
930 kB Transfer
2019 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • http://connect.facebook.net/vi_VN/sdk.js HTTP 307
  • https://connect.facebook.net/vi_VN/sdk.js

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nuoilomienphi.com/
83 KB
14 KB
Document
General
Full URL
http://nuoilomienphi.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:2fbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f67cdc8cbd5d959eb1dd604171ddbba1d172fbc6ac8099e680c50467fc2a0dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
82cb068d0af99bd6-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Nov 2023 14:22:51 GMT
Link
<https://nuoilomienphi.com/wp-json/>; rel="https://api.w.org/"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBmqck39cdKZyql1yXzzPDNsHz0v%2FbRLNcMNJGPUIkAGcnkjIqnmtnHvIjCtDtf4WhC9zxOyC1pcJ7IH%2BwP6pNGfYtGjTkCePvWGUBkTxDgrKPm06fA4v8uFyFhNVAz9R%2FLiAfm2TDUgoQZDWwRTyw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-LiteSpeed-Tag
cd4_HTTP.200
alt-svc
h3=":443"; ma=86400
style.min.css
nuoilomienphi.com/wp-includes/css/dist/block-library/
102 KB
14 KB
Stylesheet
General
Full URL
http://nuoilomienphi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:2fbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:22:52 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Tue, 15 Aug 2023 20:50:05 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnkL34jhOgHn2S8HwkUArLaEOClQEyvAU9EsUbVZzD77JbMS19FfONdqW6i1HlWIKlfHxaH5%2FCGkIyVU%2B9W8FHaFWmpv8NXFxqDegDImrdPf6MKmCCKoDRitMHsip8KOl2ib2ioHu0iBmMmKMEEW3w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Connection
keep-alive
CF-RAY
82cb069888c43541-NRT
alt-svc
h3=":443"; ma=86400
d761894d-ecdf-4ca5-919c-55aef3ba5445
http://nuoilomienphi.com/
1 KB
0
Other
General
Full URL
blob:http://nuoilomienphi.com/d761894d-ecdf-4ca5-919c-55aef3ba5445
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
style.css
nuoilomienphi.com/wp-content/themes/taigame247/
13 KB
4 KB
Stylesheet
General
Full URL
http://nuoilomienphi.com/wp-content/themes/taigame247/style.css
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:2fbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82948b45e230a59b500c5f2be454e7eda3daecd9c0bd3887fa03e27316f8bfc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:22:52 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 03 Aug 2023 18:33:13 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAe0EHhxek7iAfdQ%2FTs3Gfqh4XyjDniU9%2BAEfL2RvnI0dBtxYGUCfSYSRJaX2VrAMwy2KvdRkfvH7rlool2QJmfEe0OEHC2op0iPGU6os%2FlQpoVktP90xyo6ud7wtKeuzaaGYwtFKHxmqUlYpC2DSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Connection
keep-alive
CF-RAY
82cb069a4b1f9bd6-FRA
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
150 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8633b5bd1ae9d7176ce7f31798f16e09da0a0b0d7a85dcda4cbea499d767807d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52683
x-xss-protection
0
server
cafe
etag
17327960992292858147
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 14:22:52 GMT
js
www.googletagmanager.com/gtag/
132 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-159049398-1
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fea90a602b9e5fc2394713e2856305be716768c4d3f9ac938f77f126049eed8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51408
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Nov 2023 14:22:52 GMT
sdk.js
connect.facebook.net/vi_VN/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/sdk.js
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7312fb78818546c3ea83edab6220d0a9487c11b6f20167d5c8dd116cc604ee76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://nuoilomienphi.com/
Origin
http://nuoilomienphi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 14:22:52 GMT
content-md5
hbRJHylizrzMtFX7qmIlOQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
e4QH/euMeV0/xZU/IjpQp235J3uCLklNFSx8r71qh/kVrI1/ETY0q4JNujXx3K3Q63wtEs4ZGH/ujfRMU0Z+rg==
x-fb-content-md5
35074a675db17f4d750401273a860d40
cross-origin-opener-policy
same-origin-allow-popups
etag
"e80341f58b7ac4662576b1757e25dd16"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 27 Nov 2023 14:35:14 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
88 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:18:21 GMT
x-content-type-options
nosniff
age
309871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89476
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 00:18:21 GMT
nuoi-lo-mien-phi.png
nuoilomienphi.com/wp-content/uploads/2022/01/
12 KB
13 KB
Image
General
Full URL
https://nuoilomienphi.com/wp-content/uploads/2022/01/nuoi-lo-mien-phi.png
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:ac21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05a5b1829bbd1c96f2a2bc2dba3cfb787eae50a8ceceeba02c25c534a1514a09

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:53 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 08 Jan 2022 16:51:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKXOlZvrCzSXO9GPJBvNB2vaTgYfK931Nz7lgAgjIDTpXw0GrbMt7RUfbEWFrXAEt4auqgl66G2ePg3Ssr4ldLRXEnCtyb%2Bv%2F4QIbAa%2B9JIEBpIfuhuHC%2BmqcjeWH1MIwssFZz4sLsnSnLnzm%2FAzUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
82cb069a6f393814-FRA
alt-svc
h3=":443"; ma=86400
content-length
12492
hot2.gif
nuoilomienphi.com/wp-content/uploads/2022/01/
197 B
846 B
Image
General
Full URL
http://nuoilomienphi.com/wp-content/uploads/2022/01/hot2.gif
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:2fbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d53ad980c61e383ebe6496cebc2d7c618cd128344b2d549b67215d7c9e67522

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:22:53 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Sat, 15 Jan 2022 22:06:06 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JScEMDijw3olmeVuQh8HBHQ%2BfEP9HKfKK%2B8tNpqjbgUHSU9ByQrZyhtVpX2x2c5TPigWCQ24aJBZWYgP4KtKIfFr93o8jAmKJAIZVjUyYSimqTgcp%2FPh37C%2BumImg0PcxHsIMLLDwhhQsihRjjXMaw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82cb069a4f7a372d-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
197
banner-soi-cau.gif
nuoilomienphi.com/wp-content/uploads/2021/10/
298 KB
298 KB
Image
General
Full URL
https://nuoilomienphi.com/wp-content/uploads/2021/10/banner-soi-cau.gif
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:ac21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4df592fbc2ac645ce0692867e02348f437c336d63f04e594daa980e3d33c8374

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:53 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 25 Oct 2021 20:41:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnkbuRkuNhDD%2BRrS1rFOunafjjc81XFfNgi6DUZfjMD4nbOMjuc3LaksmZwM90pYaJ5YjVpKQ807qkC8JTVu1akCIh7oZjSycovLykUgWMYP%2Bta5DFeV4o2Y6Bsz3bbBgUDhffCReuNWp0UPndG1qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
accept-ranges
bytes
cf-ray
82cb069a6f413814-FRA
alt-svc
h3=":443"; ma=86400
content-length
304884
55.gif
nuoilomienphi.com/wp-content/uploads/2022/01/
1 KB
2 KB
Image
General
Full URL
https://nuoilomienphi.com/wp-content/uploads/2022/01/55.gif
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:ac21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
543251da65b9c72dad0f752974b678941408f25b8fd7425a24d399de6d4d5bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:53 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 15 Jan 2022 22:05:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vnwk%2FayOCSNgYWDSYr1paZJjjvVIdnSNDkqwbOhQnq8EI6Y9spg3ASQspfnQSgxa%2Fgl%2BL%2Bk%2BAVVWQJbYrpAb%2FhQp2T%2FLHRxgeH6pJO3eKkqR6ha1cw6LFVRxWER%2BeXqMwkcq%2FXp9A9iNvnhU3RG3mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
accept-ranges
bytes
cf-ray
82cb069a6f403814-FRA
alt-svc
h3=":443"; ma=86400
content-length
1119
57.gif
nuoilomienphi.com/wp-content/uploads/2022/01/
265 B
580 B
Image
General
Full URL
https://nuoilomienphi.com/wp-content/uploads/2022/01/57.gif
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:ac21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f265532c218a2e0d381431ac4811cdc8c99ef27a205ac581ee80f485513c770

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:53 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 15 Jan 2022 22:05:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwDhn3F1GOn8ME5FEZDXlunuZT8h1O9m%2FesDUFW%2BrZDPi7HpVExrFJPZU9TVMMFvReJ1F8ofhVc13Fn8L4hW%2B5zkhKzRtgYX5%2FMIkhS31toR3MZQZgKoMke6OhFWYt23dVZQwzl9EdSX02Ll0r3wAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
accept-ranges
bytes
cf-ray
82cb069a6f3e3814-FRA
alt-svc
h3=":443"; ma=86400
content-length
265
soi-cau-hom-nay.png
nuoilomienphi.com/images/
813 B
1 KB
Image
General
Full URL
https://nuoilomienphi.com/images/soi-cau-hom-nay.png
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:ac21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a061d81bb5490837cb0bf1df334e7916fb43a4ff78759265035edb2521b96b08

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:53 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 25 Feb 2020 02:32:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYkCj2%2B9q2EOTm99waT1Qf1V%2FzY3J3T0ep2zHD0qHhXKKynAnqXYo9eHSv%2BQBW%2B3p853A9Fz4ji5wm2l3M1r%2F6wKpnyGNdw%2BUiX%2FmrYh7%2FFk4PhGlvqQYNVBV5FB5JORuUy3qb3BtQxlGso0sdOpvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
82cb069a6f3f3814-FRA
alt-svc
h3=":443"; ma=86400
content-length
813
nuoi-lo-kep.gif
nuoilokhung247.com/wp-content/uploads/2019/10/
495 B
1 KB
Image
General
Full URL
https://nuoilokhung247.com/wp-content/uploads/2019/10/nuoi-lo-kep.gif
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8afa81f12eac197ed1a2ac88bb48118c2c05e7f671b3f1de7b5df69e10c72ca8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:53 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 12 Oct 2019 05:57:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1ef-5da16b2d-a150e;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLrp48Bc0yWCWd%2BQN6%2BLFXktp98mBivSyCXJ782ppzvTHhyS6yZw11W3b%2FdVAg45Ol0VDNmyCRz6bRjxLlRRV7NB5xnPF49GhvA13%2BF2pt%2BfBiQHJA02fmenBxjVyXWWGDXPithbl9Xuoug65SjjI7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
82cb069c3cab2c5e-FRA
alt-svc
h3=":443"; ma=86400
content-length
495
expires
Tue, 28 Nov 2023 02:22:53 GMT
s.js
waust.at/
8 KB
4 KB
Script
General
Full URL
http://waust.at/s.js
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:22:52 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3374
Transfer-Encoding
chunked
Connection
keep-alive
last-modified
Thu, 12 Jan 2023 17:19:44 GMT
Server
cloudflare
etag
W/"63c04130-2170"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBF7gHt6ACP0Y3UmXYLlZnOVA1MSc1%2BYph5eEiFO8xNQG7IK8dMJKIM6SeSCpMguQPQy5AU20qTs62AIe445YGX9GB3m8BI%2B0NXOmkJRlE3roZKGqJrxg9SHXi2IynjpA5xKebGr"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
CF-RAY
82cb069a8c094d97-FRA
expires
Tue, 28 Nov 2023 13:26:38 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/
400 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4123566304121574&plah=nuoilomienphi.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9883d2412a7aac3824f7bffee8b5b168970445fed43a87d8e441500df974939c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138524
x-xss-protection
0
server
cafe
etag
7478156960487205880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 14:22:52 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 40FD
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nuoilomienphi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
79488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 16:18:04 GMT
etag
16674218716276178799
expires
Sun, 10 Dec 2023 16:18:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F557
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4123566304121574&output=html&adk=1812271804&adf=3025194257&lmt=1701094972&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fnuoilomienphi.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=1&asacwct=1&dt=1701094972672&bpp=3&bdt=711&idt=163&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6070252823729&frm=20&pv=2&ga_vid=515758291.1701094973&ga_sid=1701094973&ga_hid=1025092577&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44809317%2C31078297%2C44806140%2C44807763%2C44808149%2C44808285%2C44809053%2C44809071%2C318512601&oid=2&pvsid=344395965004858&tmod=146051349&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=177
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4123566304121574&plah=nuoilomienphi.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nuoilomienphi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 14:22:53 GMT
expires
Mon, 27 Nov 2023 14:22:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
260 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SVCPDHJ93V&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159049398-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2356a5a55ba601adfb9b1e4f23a8f677421386df2313543e5c9519cd08e1010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89561
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Nov 2023 14:22:52 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159049398-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 13:19:54 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3778
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 27 Nov 2023 15:19:54 GMT
sdk.js
connect.facebook.net/vi_VN/
Redirect Chain
  • http://connect.facebook.net/vi_VN/sdk.js
  • https://connect.facebook.net/vi_VN/sdk.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/sdk.js
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
H3
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7312fb78818546c3ea83edab6220d0a9487c11b6f20167d5c8dd116cc604ee76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 14:22:52 GMT
content-md5
hbRJHylizrzMtFX7qmIlOQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
e4QH/euMeV0/xZU/IjpQp235J3uCLklNFSx8r71qh/kVrI1/ETY0q4JNujXx3K3Q63wtEs4ZGH/ujfRMU0Z+rg==
x-fb-content-md5
35074a675db17f4d750401273a860d40
cross-origin-opener-policy
same-origin-allow-popups
etag
"e80341f58b7ac4662576b1757e25dd16"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Mon, 27 Nov 2023 14:35:14 GMT

Redirect headers

Location
https://connect.facebook.net/vi_VN/sdk.js#xfbml=1&appId=498530620854954&version=v2.0
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
sdk.js
connect.facebook.net/vi_VN/
297 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/sdk.js?hash=baa5b58b4681e4c0a89c7b9154b025a1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
156b21fccb1b6e5f20d102f918e520398d50d97dc1ec6a894f401eb66b2cead2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://nuoilomienphi.com/
Origin
http://nuoilomienphi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 14:22:52 GMT
content-md5
W4xxgRpBMi0wr89Q5GxeWA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87012
reporting-endpoints
x-fb-debug
HheQ1bOI1Ktzgc6PCNdkj4VYJ3YVmtcpe1wZnhQteBxaD7Sge+Fj+ZbdxW+M8UZozfwAcgMe65un131jlTIRPQ==
x-fb-content-md5
62209983a623321c94bd690ba3b5e56d
cross-origin-opener-policy
same-origin-allow-popups
etag
"f5a3de45829ff9e3d03638ef8ac8fd3d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 26 Nov 2024 14:15:16 GMT
soicaulode-bgheader.jpg
nuoilomienphi.com/wp-content/uploads/2022/01/
2 KB
3 KB
Image
General
Full URL
http://nuoilomienphi.com/wp-content/uploads/2022/01/soicaulode-bgheader.jpg
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/wp-content/themes/taigame247/style.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:2fbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a05e63658dd0e349ad1570df2f3c6b8c674d598392eed76502ac0e665f080b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/wp-content/themes/taigame247/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:22:53 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Sat, 15 Jan 2022 21:32:58 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FUNuZH171e311TYeSvGuo%2FibwnY4N%2F7J4WU2zx4Or4Nz6eZl4MjbDgn6Vyn5uVw%2BNFRqldal%2F4mTDmmmzTUPhU2vpWaR76nw4U3S%2FPBY%2Bi9fG0xfXRUTYUO9%2BjkSdPIB8SElb3LBbkXki8exg0aHA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82cb069e6ee63541-NRT
alt-svc
h3=":443"; ma=86400
Content-Length
2124
wp-emoji-release.min.js
nuoilomienphi.com/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
http://nuoilomienphi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: nuoilomienphi.com
URL: http://nuoilomienphi.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:2fbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:22:53 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sat, 08 Apr 2023 08:11:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2B2Wq9ST04pMel%2FMEaC8oHOOL5GowLQB4orNNmn6x1uNwIyR73OsWcF5O7ob%2BLdT7cl%2F6KorqHq%2FJvE3BP8bnNvQTnZsJPohj1A6c%2F9sQZTuhlvXqUG1zIS7Phv%2BCB4NYUuFcllWdih3mhEVqqO3vg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Connection
keep-alive
CF-RAY
82cb069c9db59bd6-FRA
alt-svc
h3=":443"; ma=86400
/
whos.amung.us/pingjs/
28 B
312 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=k1qv1y29bc&t=Soi%20c%E1%BA%A7u%20247%20-%20Soi%20c%E1%BA%A7u%2088%20-%20R%E1%BB%93ng%20b%E1%BA%A1ch%20kim%20-%20Nu%C3%B4i%20l%C3%B4%20khung&c=s&x=http%3A%2F%2Fnuoilomienphi.com%2F&y=&a=0&d=2.742&v=27&r=3446
Requested by
Host: waust.at
URL: http://waust.at/s.js
Protocol
HTTP/1.1
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68e03e643e986e83e4789ca333760b7f4165f871b74f48091e28fe8cc5b6a9e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:22:53 GMT
content-encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
CF-RAY
82cb069cbf31199b-FRA
collect
www.google-analytics.com/j/
1 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1025092577&t=pageview&_s=1&dl=http%3A%2F%2Fnuoilomienphi.com%2F&ul=en-us&de=UTF-8&dt=Soi%20c%E1%BA%A7u%20247%20-%20Soi%20c%E1%BA%A7u%2088%20-%20R%E1%BB%93ng%20b%E1%BA%A1ch%20kim%20-%20Nu%C3%B4i%20l%C3%B4%20khung&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1395719049&gjid=2001218110&cid=515758291.1701094973&tid=UA-159049398-1&_gid=893500922.1701094973&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1550601414
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://nuoilomienphi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 14:22:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://nuoilomienphi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SVCPDHJ93V&gtm=45je3b81v895990469&_p=1701094972857&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=515758291.1701094973&ul=en-us&sr=1600x1200&_eu=AAAI&_s=1&sid=1701094972&sct=1&seg=0&dl=http%3A%2F%2Fnuoilomienphi.com%2F&dt=Soi%20c%E1%BA%A7u%20247%20-%20Soi%20c%E1%BA%A7u%2088%20-%20R%E1%BB%93ng%20b%E1%BA%A1ch%20kim%20-%20Nu%C3%B4i%20l%C3%B4%20khung&en=page_view&_fv=1&_ss=1&tfd=2777
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SVCPDHJ93V&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 14:22:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://nuoilomienphi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
439 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4123566304121574&plah=nuoilomienphi.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bed710a1d089ad0ce1f919da7fe4e8eb9a60fa7367d5a0ca0617e83d74f9753a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12403
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4123566304121574&plah=nuoilomienphi.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Nov 2023 14:22:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 086D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nuoilomienphi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1332
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 14:00:42 GMT
expires
Tue, 26 Nov 2024 14:00:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9B41
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b2874061ffc72f3eb68ea8fbd81e3fbe4c7d4d2f60e7407129c42b2878d54d7e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jrMLLucAN0Yx5k51ZSwvMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nuoilomienphi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jrMLLucAN0Yx5k51ZSwvMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 14:22:54 GMT
expires
Mon, 27 Nov 2023 14:22:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 086D
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 13:00:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
4923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Nov 2024 13:00:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9B41
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=344395965004858&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 086D
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ro7FXQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:22:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=344395965004858&bg=!-Pul-7TNAAZxrfrxUa07ADQBe5WfOPWhB9d_o1KPim1bGTxfnsGn_xAT2aZ6fOJxcG1QxZq7oN5gCvwzmYbQRfqsGGLaAgAAAERSAAAAAWgBB5kCxY307ftXa1R4sC7fLF_psj_jT2pE0hFkU5pQW2YaJ9hZmeDhVOQBmTPCvVco_jViq-gFx2Ag7116yZgN0XmdPJa_2wV9sjLUQ7J_MHGWkcdZrW9whJMoSpBJwXdNqGQp2x06aMEiXzIsbNhyXUBY8ROWtexUzGW-HA-PXY3Yp1lQQOZdolAOix0EYo6fXHnX6K0rox5b0F3Cgold6twDh1hR89pTFrtiVgk9YZIoa0FPBi6hVBZQn6SREQ61X_3vg-_4So-zTt-r-2vKQmaRrAQPwcsFj2ulA7iupJbUAbP5gDTB532SR_f0hKGNR0BBWSdlpFxIjhLjcX7iNeU7BOxdilsp7ZPVHzOKbX6DQczDZ2nfA7auIROovCnVw38rOfZER_1LcKSFStqP8NFBrMb6gB0UJle0G3my682zzFan15kEiyC0afQS1AKgMc088e4519PAoApd7u2Y3HzSP5dI9WxnlEbjvvMnulIbi87SKgObFcoCY-UcTqcMFM8CiH0iV5QOjCxHYNkjSFZtwg0Lw9rncwqlO7UDj-V0we6n3Gk-9B1dO5Q4Q7572zGSIwmGp-tGbgNsjqqpWO3MH266l38kZCYc6fAJlwQYI_ZDT3R_qk7MXFb8HaIZEnwS0ZmctdW-hYKWD6UwT0JFZ1sU-OGHiiMVNCpu8FwWB7fRbk4f8kwcAykkgvL3Z-YlQ_ypl_vfa7lGPxQl_x886FwPCQ9T8M_O7D7RDkFqvQ8MX8a3lMSH6qR1erZJA42X-Pw0JerZpl2r2vRTKkcHMk7IUxQBvlRfD6KqsL8XwisN36yAMgrtNWuG48e05BtmV7ZF-06ux1IiCadNnv9i3vLyncfEPNwolL60vFIy57f2AfKv8s-heGv_ezP_m9ej7UmvosjMxpS0gbIZcoiu5tb1thehoKvbfqDsdodn89Kg7PAeHeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nuoilomienphi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers


72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| _wpemojiSettings object| google_tag_manager object| google_tag_data object| dataLayer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| gtag string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| fbAsyncInit object| FB object| dn object| n number| t object| d number| m number| y string| dateText number| dayValue number| monthValue number| minuteValue number| hourValue string| timeText object| _wau object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| gaplugins object| gaData function| onYouTubeIframeAPIReady object| __buffer object| x string| x1 string| x2 object| twemoji object| wp object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.nuoilomienphi.com/ Name: _gid
Value: GA1.2.893500922.1701094973
.nuoilomienphi.com/ Name: _gat_gtag_UA_159049398_1
Value: 1
.nuoilomienphi.com/ Name: _ga_SVCPDHJ93V
Value: GS1.1.1701094972.1.0.1701094972.0.0.0
.nuoilomienphi.com/ Name: _ga
Value: GA1.1.515758291.1701094973
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
