URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Submission: On August 08 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 80 HTTP transactions. The main IP is 2606:4700:3035::6815:fbb, located in United States and belongs to CLOUDFLARENET, US. The main domain is timtruyen3shay.com.
TLS certificate: Issued by E1 on June 14th 2023. Valid for: 3 months.
This is the only time timtruyen3shay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
35 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
524 KB
15 timtruyen3shay.com
timtruyen3shay.com
628 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
71 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
105 KB
6 timtruyen.xyz
i.timtruyen.xyz
237 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1192
www.googleadservices.com — Cisco Umbrella Rank: 166
610 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
113 KB
2 aanetwork.vn
cdn.aanetwork.vn — Cisco Umbrella Rank: 216001
4 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1869
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
85 KB
80 12
Domain Requested by
19 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
16 pagead2.googlesyndication.com timtruyen3shay.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
15 timtruyen3shay.com timtruyen3shay.com
6 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
6 i.timtruyen.xyz timtruyen3shay.com
4 www.gstatic.com googleads.g.doubleclick.net
4 fonts.googleapis.com timtruyen3shay.com
googleads.g.doubleclick.net
2 www.googleadservices.com timtruyen3shay.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 cdn.aanetwork.vn timtruyen3shay.com
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com timtruyen3shay.com
80 15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
discord.gg
shope.ee
Subject Issuer Validity Valid
timtruyen3shay.com
E1
2023-06-14 -
2023-09-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
timtruyen.xyz
GTS CA 1P5
2023-06-27 -
2023-09-25
3 months crt.sh
aanetwork.vn
GTS CA 1P5
2023-07-09 -
2023-10-07
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
www.google.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh

This page contains 11 frames:

Primary Page: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Frame ID: AFD693878838DF4FE89EBAB67AA5803F
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/zrt_lookup.html
Frame ID: 474A5D2319EDDC3F5A9E515069E9FD7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&adk=1812271804&adf=3025194257&lmt=1691513323&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322915&bpp=10&bdt=891&idt=175&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8551385390315&frm=20&pv=2&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=232
Frame ID: 041FFC7DBE418AB9AB72947C02143FBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Frame ID: 98FE7A3E97B2F4AD17FBFA7330F85629
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: 365D81A2C97A04CC5F283F476976FAAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=2224196301&adf=2996920399&pi=t.aa~a.337950186~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691513324&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513324979&bpp=1&bdt=2955&idt=1&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b0123cbd44852b5-22869f5d4cde00fd%3AT%3D1691513323%3ART%3D1691513323%3AS%3DALNI_MaU3RNi4OhCldDPYiLRiMdRnboCFQ&gpic=UID%3D00000d8980b38eb2%3AT%3D1691513323%3ART%3D1691513323%3AS%3DALNI_MYQl3SOY3EIuYg_XuqYbnvZ6UJq0g&prev_fmts=0x0%2C1200x280&nras=3&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&psts=AOrYGskM_8vCvqgFzshGv2smM0an7LVD-vt6fVrG36DHN8Kt6oVkxwXDftJ4tYDs0Kk7zQ4Dtah-Y6JxdgSsniCdLz6C1w&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GzWWw5XMG1&p=https%3A//timtruyen3shay.com&dtd=8
Frame ID: 526567854F5C969D907DD6BB16A24BF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Frame ID: CAF9A3D3128F225136218C5E69E68008
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Frame ID: C2C4E4CDEA3E23DAE1346EE925BA59A2
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: E4546975EF8AF3C200C2C8FC547C52D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D08BB8065E8FF9F2BB6C9A032E0D84B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FBD21507FF26A725756884C8E69ABEBB
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Mỗi Tuần Ta Có Một Nghề Nghiệp Mới [Tới Chap 242] Tiếng Việt | TimTruyen3s

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

98 %
HTTPS

93 %
IPv6

12
Domains

15
Subdomains

15
IPs

2
Countries

1771 kB
Transfer

3967 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvoqwEQ4AMY4AMyCLnoeCyepQ3L HTTP 301
  • https://tpc.googlesyndication.com/simgad/13693739128686457384
Request Chain 47
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CS4nO63HSZOnPD4Psn88PyMq2mALfjoaLcubKlf-jCZzskdn5GRABIIHv-psBYJWioIKwB6ABtdWO2QPIAQmpAhMP0DncW7I-qAMByAPLBKoE_AFP0MAH7dMHxeKJCWz5RSF14VRUxDlVzmsIe1KzSHjWyZKps5J8-iukOkcZ3qwkQo42tLzVXlR7adC6-IO-_M_lWnqvAt-s4oy_zGkob8WrH7ejZCDf0EWLAJxjbjsh83Wl3dpdiV1Kc5KXwq2WoQPAa6udHf103PKTz6DOZaoA_ftaeoidaMS2P5iGjloNlK83lqM-WZg66Szkfg3XazjDFA-ENRLIQmCw7ucrqsoYYikAACj1u5MIk5Fhlbmd-atgRcUSc6nIZxmHf1dQkGJFzjHMFMtMY1FCc2VwPZ9npPF7xtvOsJW-OHJMdBgZgIeRhwfoM8hDN_rj2jjABLujuaWMApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeKnLEvqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJ7ZBdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCX9odHRwczovL3VybGF1Yi5jaGVjazI0LmRlL3ZlcmdsZWljaC8yMDA1LTYtNi0wL1RyYXVtaGFmdGVuJTIwVXJsYXViJTIwYnVjaGVuP3dwc2V0PWdvb2dsZV9yZWlzZW5fY29fZHluYV9yZW1hJmdjYW1pZD0yMDIzMDQ1MTY3gAoByAsBogwIKgYKBMOwsQLYEwuIFAXQFQGAFwGyFxwKGggAEhRwdWItMTU1MjYwODIwMDY4Njg5MBgA&sigh=F6fOzQdWnL0&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW819OI9Tzp9ulXu6G-zoFOzuwE9GU3BgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22387997445720853083%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992193205%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213357928334010717585%22}&andc=true

80 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
timtruyen3shay.com/
292 KB
16 KB
Document
General
Full URL
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19c4e6a08bf9b620b9959cc07a67f90e76f71e7290871aa25d81300316d909d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f393f9399d3bbc8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 08 Aug 2023 16:48:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJMsBIm8U4J1CSA0MO6iXgTbKgHUgbY%2BIeHYrUsHBHqZEkytEnCxxGX2dUwEdlILFip1CeNy6I2QldTwrhmSjvKIYtQQy7pfouvu4mgKyldlmaih1M9uYip%2FUK7f3PV0tlkqXPvuNvGpj%2BxZ3AzaFkw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
/
fonts.googleapis.com/
0
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

bootstrap.min.css
timtruyen3shay.com/app/manga/themes/dark-v2/assets/css/
156 KB
24 KB
Stylesheet
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/css/bootstrap.min.css?v=1.72
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 08 Feb 2022 23:20:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6202fad6-26f21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mpa1AyPP3OF3vSOvx5ZMKLYJwY8atJj0YwKzCma84st3xtJKQm43GJQ2cnHaefei4BHidfdDxD3y3wxCXw5LDu2Rokij8RZgRClBwZzvlnW77ztsfZ%2BIxtuUYITO9XWGboVMIK9sPao5q%2FixlCntYe4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7f393f96ce48bbc8-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 09 Aug 2023 04:48:42 GMT
all.min.css
timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/css/all.min.css
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 25 Jan 2022 00:13:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"61ef40ae-e7ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cw%2Fp8JKI1O5aSsmi0hpn63JUQhlEA%2BQnDRo%2F2S63UimPFEhGG73k8rKhW%2FFGy8nFHDJZyN9dGPWsrMiE%2FaxPmmDfEL49jZwHC6yPjglfhXVVLjdmyN5VUHav5t51xWsQAw27PM%2Fn8fc5s2FkLRUq3pM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7f393f96de4ebbc8-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 09 Aug 2023 04:48:42 GMT
styles.min.css
timtruyen3shay.com/app/manga/themes/dark-v2/assets/css/
235 KB
41 KB
Stylesheet
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/css/styles.min.css?v=1.72
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fba37f8d0b5de5acbc7a577a33ec7f4554e344a0925cefcc5668c8ab1b4a073
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 15 May 2023 05:35:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6461c49a-3adbc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiu%2FM6L7KUu3o1oNsHXw5ud9yOTRguukKRpX02DoQ202IigTlZQQJavtGJuT9OTzfn0t79lhE28pamiZp1jILD0wGqGEaVtNavbLkLzZCqZgP4z0Pgg5nF0a7eFlBGe0ccDjJDomo9%2BEF8ExtR6RvTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7f393f96de50bbc8-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 09 Aug 2023 04:48:42 GMT
PoppinsVN-400.woff2
timtruyen3shay.com/app/manga/themes/dark-v2/assets/fonts/
52 KB
53 KB
Font
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/fonts/PoppinsVN-400.woff2
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e5f721d6793228e5609e97f89a8255d4a99d33b8030c1849147fdf7f257eb85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Origin
https://timtruyen3shay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 25 Jan 2022 00:13:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61ef40ae-d0ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smBx1YB160csMwt0RFRqvX7WnC7D2SPxvSMEf5M12pVWrsdLszchh3vl6L2xmTJlOPkP6o%2Bk5sr0C6dXMV4r6rPj3qIXCHfVT45voi%2B%2BZmh%2BLlDgFdp%2Fq5KTx3AO5Idc6wDT8twRxY4O6NdGS2FU01M%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f96de52bbc8-FRA
alt-svc
h3=":443"; ma=86400
content-length
53420
PoppinsVN-500.woff2
timtruyen3shay.com/app/manga/themes/dark-v2/assets/fonts/
52 KB
52 KB
Font
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/fonts/PoppinsVN-500.woff2
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c635f10ed3b04776f20a73bc7989608b095228dab491bdc81d824636f6a1fa8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Origin
https://timtruyen3shay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 25 Jan 2022 00:13:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61ef40ae-cf80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99BiUSqRZYneDfcu2fpg7RPk5j7Db9F4ezh%2Fx0uBc33XrviTvHfUXIliIVD7eZdMO2cSqoe%2BoDJTJHBBnRkuuPw%2BIFoQvmuk0bGt7u9XtjPLHaqm%2Bg4HvKQ%2BweKP54rr1w34Cef%2BnWonVJfcJ%2Ba6yMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f96de53bbc8-FRA
alt-svc
h3=":443"; ma=86400
content-length
53120
PoppinsVN-600.woff2
timtruyen3shay.com/app/manga/themes/dark-v2/assets/fonts/
52 KB
52 KB
Font
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/fonts/PoppinsVN-600.woff2
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ab6ea5763fed0f4b824004f7fe8a93c561356113bd62b29b6741d0cead7af0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Origin
https://timtruyen3shay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 25 Jan 2022 00:13:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61ef40ae-ce94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6umCt4CIrdqqmU3aIbQEMvzNLME%2FD8DzEp5ZVpIJg39q7la2FbkGU1LmUBNvDEoUUPWFJHZ%2FDr%2FlTY2WOeiYts1jvWsPUE5VI2NC9L68TvntrVCRGi%2FEiM8cMtPBU10lZPiIcUGPKYOQjGxfLIC1s4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f96de55bbc8-FRA
alt-svc
h3=":443"; ma=86400
content-length
52884
PoppinsVN-700.woff2
timtruyen3shay.com/app/manga/themes/dark-v2/assets/fonts/
51 KB
52 KB
Font
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/fonts/PoppinsVN-700.woff2
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
981e7ae07571293491f0ef050039e73e52b0d307200ca1300b69b37c18e017d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Origin
https://timtruyen3shay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 25 Jan 2022 00:13:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61ef40ae-cde8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAsIqVAR%2Bt4KU7kP5hmxuJykAq3PXH4PI3t9X6k6PW1Imm4TLHS9eTesNsz5hj8bL4ApGPBfBdiwkS3Gkyrb3Nc6TvlGTQxVt570V%2FTOJddJ%2FoSrnsYazEjV4mjyK04QzyG8EaX5FpryDQ9X%2F2W6ebE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f96de56bbc8-FRA
alt-svc
h3=":443"; ma=86400
content-length
52712
jquery.min.js
timtruyen3shay.com/app/manga/themes/dark-v2/assets/js/
85 KB
31 KB
Script
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/js/jquery.min.js?v=1.72
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 29 May 2022 14:00:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62937c96-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SO%2BiRaYPLAt33CL%2FlcfLFwgXQ%2BATAO9LZL8cnhIf2H0CDwEAIGTW7dkx%2BbtPZd3MPDwhqN6ghiWGAr6BHDV%2FRxJragU4sxc6fmgg70UDdFkz%2BzqjceYZkTXXbouZQVGfcx5%2BnmCDQi2dw%2FkOSuypVCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7f393f96de57bbc8-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 09 Aug 2023 04:48:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1552608200686890
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
924dcf9a6327bf0f1d1b8ee4ccd04424b43b6fdd81a61ef980e57a476f76849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://timtruyen3shay.com/
Origin
https://timtruyen3shay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50649
x-xss-protection
0
server
cafe
etag
5301194947746977646
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 08 Aug 2023 16:48:42 GMT
js
www.googletagmanager.com/gtag/
247 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KJXHB2FQHH
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ac7e2708ceae0d8f82fea9447361f61c7c946e276695a8ed6e9ca9526b716d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86132
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 08 Aug 2023 16:48:42 GMT
logo.png
timtruyen3shay.com/uploads/logos/
59 KB
60 KB
Image
General
Full URL
https://timtruyen3shay.com/uploads/logos/logo.png
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4479e5379cd4d3f7ceeea71dd1cebd8ebe346c63a45fe8a7ec4c8d9fb5d028d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2525243
alt-svc
h3=":443"; ma=86400
content-length
60891
last-modified
Wed, 29 Jun 2022 13:32:58 GMT
server
cloudflare
etag
"62bc548a-eddb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrfJIVIi15L%2BVPtHyc1HUsMpBYNOiCngG00xDVLVhjmJQCffSR521sl3f31sPL35kgJ4zZU5u0F4JCelfeJT6sjpD2DKBmauSP3wyzgvpZLIplC51tlzkKU4d9JpJyqTjlAQWlWxQ7tYrU2RotWzacg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f9b2e223aa2-FRA
expires
Wed, 09 Aug 2023 11:21:19 GMT
moi-tuan-ta-co-mot-nghe-nghiep-moi.jpg
i.timtruyen.xyz/covers/
18 KB
19 KB
Image
General
Full URL
https://i.timtruyen.xyz/covers/moi-tuan-ta-co-mot-nghe-nghiep-moi.jpg
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e968930446745c190d6cbdb3e761370a6a8f23beba4560d08b4d39e48ced33d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Aug 2022 07:57:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62f4b66d-4947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjU4lNFKBtBX45hQALqyuoFWGLFGhMHqWulkDKM0EstFzANZqzU1WWCuAhHRDSrvE8wFDwy%2Bnj7BVt53ZrkaMOprJbDiiNtYduQpvljg8nTY0F1r9mjvjYE8D%2B1lHax01xXDmm7ytxYCqY5W0NM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f9b6ba2bb7d-FRA
alt-svc
h3=":443"; ma=86400
content-length
18759
expires
Thu, 07 Sep 2023 16:48:43 GMT
dau-bep-tre-nhat-toi-tu-khach-san-hang-ba.jpg
i.timtruyen.xyz/covers/
24 KB
24 KB
Image
General
Full URL
https://i.timtruyen.xyz/covers/dau-bep-tre-nhat-toi-tu-khach-san-hang-ba.jpg
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08a367f52694c0eb65f9cd519c8fcc126d7b240c70275be4f880e50a634d5ca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:43 GMT
cf-cache-status
MISS
last-modified
Sun, 26 Jun 2022 15:33:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62b87c34-602e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBgaJ%2Bxwi%2BEg9q88d%2BX6fUAWgg1fh9j1ju8%2FMItkceT9rXPVvUvfJ7FxVbyTZPMbR1J8Y1M568CMrjkVhvzYd3pYKbhMYDqBo2p6F6dyJor4ScdKLNd7Htdd8prIITFtxbG1lNNoipTbxylpDUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f9b6ba3bb7d-FRA
alt-svc
h3=":443"; ma=86400
content-length
24622
expires
Thu, 07 Sep 2023 16:48:43 GMT
me-toi-la-chom-sao-bao-ho.jpg
i.timtruyen.xyz/covers/
19 KB
19 KB
Image
General
Full URL
https://i.timtruyen.xyz/covers/me-toi-la-chom-sao-bao-ho.jpg
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87bab3532c6263a78a4801c8e54582924734d47b314676d6b8ccbe29c3c309e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:43 GMT
cf-cache-status
MISS
last-modified
Tue, 11 Oct 2022 01:49:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6344cbb2-4c09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRQKYehlYnMd%2B9Quh%2BjzhsyimT1lO3EcKVlkkftcYLhwkAjgHbZpYiTrf%2FYn88ooJPdVNkRAVBcCRwtq0baqtVtkv48A863nKYIBBlHetYrSeCtqA6HkBVjJauc6uhIZeAp%2FMzcmdKIHxVr9C0w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f9b6ba5bb7d-FRA
alt-svc
h3=":443"; ma=86400
content-length
19465
expires
Thu, 07 Sep 2023 16:48:43 GMT
3c874364a57465115114c00c922950c1.jpg
i.timtruyen.xyz/covers/
61 KB
61 KB
Image
General
Full URL
https://i.timtruyen.xyz/covers/3c874364a57465115114c00c922950c1.jpg
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d363bd1ae541da3e6029b84590a9fd9e2a71579af162c39fc06a08ba923cd897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:43 GMT
cf-cache-status
MISS
last-modified
Sun, 16 Oct 2022 15:43:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"634c26bf-f3d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFvKxp8T4OSbuRBfhZtwLhM71SjLHj1Ag5ltlWKVtOW7DSZ0cboB3gHU3C3Te9OsEcqgE%2B7AEV%2FByu47cVGCEYjSMztMPyk7Towl3nPxB9E4Xb7ycqtXyeZcnrp4sWK3ON99GOScEuz5KrpPsbk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f9b6ba6bb7d-FRA
alt-svc
h3=":443"; ma=86400
content-length
62418
expires
Thu, 07 Sep 2023 16:48:43 GMT
d755c2e48c8237ef76edb42cbc80f139.jpg
i.timtruyen.xyz/covers/
45 KB
46 KB
Image
General
Full URL
https://i.timtruyen.xyz/covers/d755c2e48c8237ef76edb42cbc80f139.jpg
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e225b59d575d4881369e6ee30817222ce0c74a9fda5bf6288d6819a0047e727

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:43 GMT
cf-cache-status
MISS
last-modified
Mon, 17 Oct 2022 15:31:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"634d7543-b505"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cevVWBPn5QMG0%2FiSrj01fYapljdDmLc6hhlf9XyWPOpzlq%2BprAKGuRw2lvR5OLTohFW3SyAoSx%2FzhnzDsDl%2F5fqv6SpP0%2B10E%2BfhfZpsNQDYmLHKB6G2wgvluFIM1OX8B1kLKwI7qO8JqKRSaNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f9b6ba7bb7d-FRA
alt-svc
h3=":443"; ma=86400
content-length
46341
expires
Thu, 07 Sep 2023 16:48:43 GMT
393b6d63d659a48642b15e957ddef4f8.jpg
i.timtruyen.xyz/covers/
67 KB
68 KB
Image
General
Full URL
https://i.timtruyen.xyz/covers/393b6d63d659a48642b15e957ddef4f8.jpg
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7e019c4c624a344f1a5129aac30bac664990d2c525de0df56a7d5aa8a96b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:43 GMT
cf-cache-status
MISS
last-modified
Sat, 01 Oct 2022 06:33:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6337df3b-10d94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzpCGpJPeHgyARg8Qw81s0IVlGo%2BrDlpNlE2LNybq431z0%2B0L7Qsm7vviVjyFWWthRn8iicH3RhC%2F5eivPPDcMaG%2FOQGnO3LkKhImT2L%2BDC9zu0y8z7IYRQvBQy076Xe1I4KC0i8BJyuEXhy3GU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f9b6ba8bb7d-FRA
alt-svc
h3=":443"; ma=86400
content-length
69012
expires
Thu, 07 Sep 2023 16:48:43 GMT
email-decode.min.js
timtruyen3shay.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://timtruyen3shay.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Aug 2023 16:29:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64cd276f-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgRYS8eDOz0M%2Fq9DoZegg5alHwZL1%2FduVW3yw1ZvFBm067eEvpjunr1%2Fz0qJdGuzC14XR1l%2BgZAQ2P6dlTywHYOz4Fi8gjTwSdZm2u4Udo0jognAdR0t4Tv5uB2YRXfyd6MU9BNembmIWDoHPmpT%2F%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7f393f998bd53aa2-FRA
expires
Thu, 10 Aug 2023 16:48:42 GMT
d9d4f495e875a2e075a1a4a6e1b9770f.js
cdn.aanetwork.vn/code/d/9/
6 KB
3 KB
Script
General
Full URL
https://cdn.aanetwork.vn/code/d/9/d9d4f495e875a2e075a1a4a6e1b9770f.js
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:16fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff039d6fdae86970fbc418dcee3b3b4d4e2b3192a15ea73a42a1a717d3d7304
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 07 Aug 2023 07:37:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d09f40-1730"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lT%2BQMl8zkhRvDNQHXFupPoozk1tY5qzknI1UvEnE%2Bb74ogNUwkDFX91IzwLBwOiDrChecv6l%2FVg2wwJ19PtmSBRkeQSxuGHlmPSs5Ock%2B9y5Nbkaqw%2B0hrnpiCO6aAHFTapII0PTbk%2BUgr0CpC5p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
cf-ray
7f393f99c893906a-FRA
alt-svc
h3=":443"; ma=86400
fa7cdfad1a5aaf8370ebeda47a1ff1c3.js
cdn.aanetwork.vn/code/f/a/
2 KB
2 KB
Script
General
Full URL
https://cdn.aanetwork.vn/code/f/a/fa7cdfad1a5aaf8370ebeda47a1ff1c3.js
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:16fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3760c87a98c68c2d7bc327274efb7066b5af059acbe9d9ba6e6214c685c880
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://timtruyen3shay.com/
Origin
https://timtruyen3shay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 26 Jul 2023 01:08:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64c07227-8a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSS4Dh5K6O6%2B6jmTFUIRhfSHpFkCNNe0HF7fbIUH56I83v3N8AxlDgJ%2BhSTzBCGgIkF6XFlbkdvSyk2Lq5BavTTdFDYOO5IAz%2Ff5nGPcd4xJ5XcnK0UD%2BpdumTmY0o6Y8OdKBpxD0n9a3uELpoFZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
cf-ray
7f393f9b4c981cb9-FRA
alt-svc
h3=":443"; ma=86400
app.min.js
timtruyen3shay.com/app/manga/themes/dark-v2/assets/js/
232 KB
67 KB
Script
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/js/app.min.js
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655b718a3840f38b9ba148576616a5c46dfedd02c852398b3792ce76a01a631c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24087
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Jul 2022 10:57:30 GMT
server
cloudflare
etag
W/"62cab09a-3a008"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCMkqSzSPWYz8cFir2ZDzLlYvhisOpcJGXAwRzlsX%2FEDDycuarUhXu10UpaQVIpHII%2B9kzMktrWDBtuQCXQ%2FmVrhxZNf1EbK%2BBEqUn3hpf9vj9UvRaLMiDIlFOht2XOq9MCn0k8mG0TcyMTrE5VuIL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7f393f9afdea3aa2-FRA
expires
Tue, 08 Aug 2023 22:07:14 GMT
fa-solid-900.woff2
timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/css/all.min.css
Origin
https://timtruyen3shay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Tue, 25 Jan 2022 00:13:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61ef40ae-131bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VejNQ6ebTmI21XDkH27%2FpKHRlV10uuOaDhOLshfTtZ%2FQNOH9uuwOlMYKeuqMr2SjEMlYszGJMGQd7RLs7YGAMpUWr8kwsdJywKnZgn6WuF2vsifJ1uA%2F53Pi6pCprDK6rASUVFxF2VfI4SJzBQICY%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f9b5e693aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
78268
fa-brands-400.woff2
timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/webfonts/
75 KB
75 KB
Font
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/css/all.min.css
Origin
https://timtruyen3shay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Tue, 25 Jan 2022 00:13:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61ef40ae-12bc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RELS1kdOoENhuVGnBHdtW8GqTJUg44%2BQEv1Vm9tPGf7e8P9DmN8MlxLatRJr2Ede%2FFc2WrP2%2FclJtWvDJaVWcjX3l8%2Fc%2F1iZ1ncGpiRfkjrztFPVEGcnGM10HNk5VOhu8x5TGWSlEvt%2B%2FNX2Xa5ydd4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f9b5e6b3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
76736
fa-regular-400.woff2
timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/webfonts/
13 KB
13 KB
Font
General
Full URL
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:fbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://timtruyen3shay.com/app/manga/themes/dark-v2/assets/libs/fontawesome/css/all.min.css
Origin
https://timtruyen3shay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Tue, 25 Jan 2022 00:13:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61ef40ae-33a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmxmeZYSay5dbbxZRn3%2F5whhDZR6e%2BrGL1XaQEpk4hCm%2FbXho01aZIeHQnRKYwrYVS8%2BZgItwI%2FqmRS96tgsfuzobmCr1VgMpakX1SqvXMFjzGhgVVIttma6rjTYBKRSWNpDxLGbHWAyOGWGhSx%2BDxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f393f9b5e6c3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
13224
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/
372 KB
125 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1552608200686890&plah=timtruyen3shay.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1552608200686890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a49cc1125ac1ff8ab5d8bcdb1773a8a836d2078c9f04de7fc78d47a5d569732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128319
x-xss-protection
0
server
cafe
etag
4092801858357713922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 08 Aug 2023 16:48:42 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/ Frame 474A
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1552608200686890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://timtruyen3shay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
457
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 16:41:05 GMT
etag
12368291122986407432
expires
Tue, 22 Aug 2023 16:41:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4422631680384614&num=0&dvc=0&eid=44759875%2C44759926%2C44759842%2C31076731
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 16:48:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KJXHB2FQHH&gtm=45je3820&_p=176382681&cid=1350752263.1691513323&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691513322&sct=1&seg=0&dl=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&dt=M%E1%BB%97i%20Tu%E1%BA%A7n%20Ta%20C%C3%B3%20M%E1%BB%99t%20Ngh%E1%BB%81%20Nghi%E1%BB%87p%20M%E1%BB%9Bi%20%5BT%E1%BB%9Bi%20Chap%20242%5D%20Ti%E1%BA%BFng%20Vi%E1%BB%87t%20%7C%20TimTruyen3s&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KJXHB2FQHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 16:48:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://timtruyen3shay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
403 B
610 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=timtruyen3shay.com&callback=_gfp_s_&client=ca-pub-1552608200686890
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1552608200686890&plah=timtruyen3shay.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da0a423111990bd5ce29fb5c866ae307e6c3b3a3c5da30a3954fadf05c3dee4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 041F
224 KB
55 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&adk=1812271804&adf=3025194257&lmt=1691513323&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322915&bpp=10&bdt=891&idt=175&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8551385390315&frm=20&pv=2&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=232
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1552608200686890&plah=timtruyen3shay.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81c317aba15a898bce37eb3d4ad64f787bf0fd042b42654fff9fd70e9d9f655a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://timtruyen3shay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
56246
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 16:48:44 GMT
expires
Tue, 08 Aug 2023 16:48:44 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 98FE
132 KB
40 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1552608200686890&plah=timtruyen3shay.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e0d80465c556001e9f2b81705e6cf909aea6ef8613d847ea328c34143264ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://timtruyen3shay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41425
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 16:48:44 GMT
expires
Tue, 08 Aug 2023 16:48:44 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 98FE
4 KB
949 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 08 Aug 2023 16:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 15:08:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 08 Aug 2023 16:48:44 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 98FE
2 KB
973 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 13:47:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
10847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:47:57 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 98FE
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 13:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
10960
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9098
x-xss-protection
0
server
cafe
etag
16188647127460483431
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:46:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 98FE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 19:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
78272
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Aug 2023 19:04:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 98FE
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 15:35:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
4372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8261
x-xss-protection
0
server
cafe
etag
3571037177597359341
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 15:35:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 98FE
179 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57420
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691408699217355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 16:48:44 GMT
1ecb17048d796ff7836f25d4dc1a1361.js
www.gstatic.com/mysidia/ Frame 98FE
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14130
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Nov 2023 18:41:42 GMT
2871130425405473849
tpc.googlesyndication.com/gpa_images/simgad/ Frame 98FE
15 KB
15 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/2871130425405473849
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee407b709ce616c5453a5057299e92d704d943cbb9161f365bd7c82a3410789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 04:28:56 GMT
x-content-type-options
nosniff
age
389988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14897
x-xss-protection
0
last-modified
Tue, 23 May 2023 22:06:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 03 Aug 2024 04:28:56 GMT
4045879285539881949
tpc.googlesyndication.com/gpa_images/simgad/ Frame 98FE
107 KB
107 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/4045879285539881949
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27b02c87b8471199ab1a64fec6d919de08d73e94c70bc935597c1bb2c51af151
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 19:40:40 GMT
x-content-type-options
nosniff
age
335284
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109484
x-xss-protection
0
last-modified
Sun, 21 May 2023 10:07:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 03 Aug 2024 19:40:40 GMT
566849919357465658
tpc.googlesyndication.com/gpa_images/simgad/ Frame 98FE
19 KB
19 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/566849919357465658
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90ece0fc04ed7603cedae771f2dae18e9f370dcb0227b8a3140d971713a6d9d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 19:21:22 GMT
x-content-type-options
nosniff
age
336442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19462
x-xss-protection
0
last-modified
Mon, 22 May 2023 04:17:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 03 Aug 2024 19:21:22 GMT
11132785261108763208
tpc.googlesyndication.com/gpa_images/simgad/ Frame 98FE
23 KB
23 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/11132785261108763208
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
974d8d036003eb9bb7fbb682b86c930102dce1b1843f9762b03cae16495dcf94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 10:46:36 GMT
x-content-type-options
nosniff
age
280928
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23087
x-xss-protection
0
last-modified
Mon, 22 May 2023 02:29:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 04 Aug 2024 10:46:36 GMT
13693739128686457384
tpc.googlesyndication.com/simgad/ Frame 98FE
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvoqwEQ4AMY4AMyCLnoeCyepQ3L
  • https://tpc.googlesyndication.com/simgad/13693739128686457384
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13693739128686457384
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H2
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8c911058e8c282bc63fa4d56f94dec086ec285897ae30a004ee2530bb579723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 16:18:28 GMT
x-content-type-options
nosniff
age
261016
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12978
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 15:26:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 04 Aug 2024 16:18:28 GMT

Redirect headers

date
Tue, 08 Aug 2023 12:57:59 GMT
x-content-type-options
nosniff
server
cafe
age
13845
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/13693739128686457384
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Sep 2023 12:57:59 GMT
truncated
/ Frame 98FE
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b781998a8eb46c3fe26f5308dfdf5c1c85f8f491aa6e4994fb5dd2f007fdc2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 98FE
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 22:40:13 GMT
x-content-type-options
nosniff
age
238111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 22:40:13 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 98FE
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:20:48 GMT
x-content-type-options
nosniff
age
286076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 09:20:48 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 98FE
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CS4nO63HSZOnPD4Psn88PyMq2mALfjoaLcubKlf-jCZzskdn5GRABIIHv-psBYJWioIKwB6ABtdWO2QPIAQmpAhMP0DncW7I-qAMByAPLBKoE_AFP0MAH7dMHxeKJCWz5RSF14VRUxDlVzms...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22387997445720853083%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%222...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22387997445720853083%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992193205%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213357928334010717585%22}&andc=true
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:44 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"387997445720853083","debug_reporting":true,"destination":"https://check24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992193205"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"13357928334010717585"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 08 Aug 2023 16:48:44 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 08 Aug 2023 16:48:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"387997445720853083","debug_reporting":true,"destination":"https://check24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992193205"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"13357928334010717585"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
pagead2.googlesyndication.com/bg/ Frame 365D
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=599295177&adf=4024327785&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691513323&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513322925&bpp=3&bdt=901&idt=228&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZQek2Xfw05&p=https%3A//timtruyen3shay.com&dtd=230
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 10:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14592
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 10:02:25 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22387997445720853083%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992193205%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213357928334010717585%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 08 Aug 2023 16:48:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/
154 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1552608200686890&plah=timtruyen3shay.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c09a0406ed76856a110b1262ace08e670137ed77397fef0b43af4ab4054f76dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53653
x-xss-protection
0
server
cafe
etag
1118388945055506977
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Aug 2023 16:48:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-1552608200686890&eid=44759875%2C44759926%2C44759842%2C31076731
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 16:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=807559106478121&num=0&dvc=0&eid=44759875%2C44759926%2C44759842%2C31076731
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 16:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5265
430 B
227 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1552608200686890&output=html&h=280&adk=2224196301&adf=2996920399&pi=t.aa~a.337950186~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691513324&rafmt=1&to=qs&pwprc=1859288958&format=1200x280&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691513324979&bpp=1&bdt=2955&idt=1&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b0123cbd44852b5-22869f5d4cde00fd%3AT%3D1691513323%3ART%3D1691513323%3AS%3DALNI_MaU3RNi4OhCldDPYiLRiMdRnboCFQ&gpic=UID%3D00000d8980b38eb2%3AT%3D1691513323%3ART%3D1691513323%3AS%3DALNI_MYQl3SOY3EIuYg_XuqYbnvZ6UJq0g&prev_fmts=0x0%2C1200x280&nras=3&correlator=8551385390315&frm=20&pv=1&ga_vid=1350752263.1691513323&ga_sid=1691513323&ga_hid=176382681&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076731&oid=2&psts=AOrYGskM_8vCvqgFzshGv2smM0an7LVD-vt6fVrG36DHN8Kt6oVkxwXDftJ4tYDs0Kk7zQ4Dtah-Y6JxdgSsniCdLz6C1w&pvsid=3547984543542772&tmod=1063067616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GzWWw5XMG1&p=https%3A//timtruyen3shay.com&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1552608200686890&plah=timtruyen3shay.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c155090ca764a4b0a819face86685855bf7af4c04e503dfcc8716a2edb3b44a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://timtruyen3shay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 16:48:45 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-1552608200686890&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20230807_103724&sat=1691506895461&afm=0&as_count=0&d_count=0&ng_count=0&am_count=2&atf_count=1&mdns=0&alldns=0.222&allp=75&fd=(0%2C11%2C1)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=2526&abl=false&rr=n&su=timtruyen3shay.com&pvc=3547984543542772&r=0.1&eid=44759875%2C44759926%2C44759842%2C31076731
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 16:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-1552608200686890&eid=44759875%2C44759926%2C44759842%2C31076731
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 16:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/ Frame CAF9
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1552608200686890&plah=timtruyen3shay.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://timtruyen3shay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13311
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 13:06:54 GMT
etag
12368291122986407432
expires
Tue, 22 Aug 2023 13:06:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame CAF9
4 KB
671 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 08 Aug 2023 16:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 15:04:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 08 Aug 2023 16:48:45 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CAF9
205 B
519 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 10:11:14 GMT
x-content-type-options
nosniff
age
23851
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 07 Aug 2024 10:11:14 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CAF9
604 B
696 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 14:58:11 GMT
x-content-type-options
nosniff
age
179434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 05 Aug 2024 14:58:11 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame CAF9
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
81417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6416
x-xss-protection
0
server
cafe
etag
10587074671346547413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Aug 2023 18:11:48 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame CAF9
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 13:57:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
10305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8604
x-xss-protection
0
server
cafe
etag
15357628606984112601
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:57:00 GMT
css
fonts.googleapis.com/ Frame C2C4
4 KB
632 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 08 Aug 2023 16:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 15:55:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 08 Aug 2023 16:48:45 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame C2C4
2 KB
892 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 13:47:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
10848
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:47:57 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame C2C4
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 13:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
10961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9098
x-xss-protection
0
server
cafe
etag
16188647127460483431
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:46:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame C2C4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 19:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
78273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Aug 2023 19:04:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame C2C4
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 15:35:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
4373
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8261
x-xss-protection
0
server
cafe
etag
3571037177597359341
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 15:35:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C2C4
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57420
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691408699217355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 16:48:45 GMT
1ecb17048d796ff7836f25d4dc1a1361.js
www.gstatic.com/mysidia/ Frame C2C4
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14130
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Nov 2023 18:41:42 GMT
exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
pagead2.googlesyndication.com/bg/ Frame E454
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 10:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14592
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 10:02:25 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 98FE
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJ0rV49zn6xQATQ9kqG_qkFn16OdIal88Kqub0F7zjPEJuDobjs8Cuw1od-bsxT46TrAbhWQ02MBTS_h4C36vlyxM9INGVxC1p_wUA8tRsW5ArTZfkgCwwBArDG6mHZ3ugzLTZ5DciCwL-&sai=AMfl-YSXQ1wDEturnXlTKUEZ51yk6kEBaVLi_m5JDRONwiaLnZ0FNvSY6H6A8kc67f0VzWe-81wZk3kLKvaS&sig=Cg0ArKJSzIe2HC5Gih5nEAE&cid=CAQSGwBpAlJW819OI9Tzp9ulXu6G-zoFOzuwE9GU3BgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230807&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=599295177&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691513323156&rpt=1172&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 16:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=2224196301&adf=2996920399&fmt=1200x280&str=true&ad_y=1840.625&vph=1200&r_nh=0&r_ifr=true&qid=CKa9_5bCzYADFa3L5wMddTsHoA&w=1200&h=280&nh=0&rsz=%7C%7CeE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Ftimtruyen3shay.com%2Ftruyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html&eid=44759875%2C44759926%2C44759842%2C31076731
Requested by
Host: timtruyen3shay.com
URL: https://timtruyen3shay.com/truyen-moi-tuan-ta-co-mot-nghe-nghiep-moi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 16:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230803&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1552608200686890&plah=timtruyen3shay.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec692f11ac4060d32c1ae315967dc4926d04794a0ba1e68baf8c503e39e318cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11764
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1552608200686890&plah=timtruyen3shay.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 16:48:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D08B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://timtruyen3shay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2368
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 16:09:17 GMT
expires
Wed, 07 Aug 2024 16:09:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FBD2
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9ac65c511534c1b237c6dee30890dba314f116f26ce3ad4bc86de69525188af9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NWmDqOAnH1VdID4BcsrHsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://timtruyen3shay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-NWmDqOAnH1VdID4BcsrHsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 16:48:45 GMT
expires
Tue, 08 Aug 2023 16:48:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
pagead2.googlesyndication.com/bg/ Frame D08B
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 10:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14592
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 10:02:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FBD2
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230803&jk=3547984543542772&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame D08B
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?3PkvxA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:48:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230803&jk=3547984543542772&bg=!YGOlYzfNAAZGOVy5Zjk7ADkAdvg8WtfUtHLjM2j6QQF3Y4D-A4O1lSFhRkuWXjJLH4MPMHjSqYbDCOLOjg96GnAaK5kQN5rCzusCAAAARFIAAAAFaAEHCgCCyAoASLJ8Y_6yBHUZFcHzAna4usMdAPW32PTFgEGIuH0pCF9y5MXOJ7JKk9eE73362zkpi9sw09P9czK5xBdBVw0BNqkngzlGE2W9aNRy_UpaQQKDtXMv-u0lD6qni303PTMlTDgij5YowwV4Rtm2cQOK_qXH-qETD-2AYN61Ug92cpkCsd2zLR600Sjwd1VM1hPTPmkg9jgSBkRLbZ2b1qrOcifRx57Z-09MemvBdiP0cusOzZn84mZIuM8k4eZEkrdTaUcg_XJeFAjpSto3QM4cbd1k9av2IDjxkt7inkifAbLnmuaJgfB7Tq6RF5brsjMwtsx4HfWKkRQXQYAwbBc8bmRFUX-q8LRNs6O6TrtZGlU0NPO6PlOuD1m65YC7IqRX9TV708R2xk7abRG_-WNBk7Ipn_Ow7hgqeFxlKjIkC_dLmFBMpk97OSiazWHM0AAj2rYiFK-Pd3vi890wl7iOmd4tJyKKykaOwYSBHyE-FD7l5-zSQMqA21q9G0wMUdQHipigZbSFAJa1iBqDCvGkOAcKtYVoLrbPc4ldG_G5xPedAj163L2gHuroM4mwFo-3X8vjp0lK2ZfHIft_yJ7ZSNoY37EXDkqmqw3t8027G-bD3JcQAmDvQNY1k97qiTyM3U_7dzFiJFqCEYnArM4AGzTz72heZzCqJIBBcDDCtQ5U42Vdb1mT7U-0KifD4Ni-FBYreV81kTvlve3UNvMfUJniUQTvmmANXcmFwp6jdWum8DeuSADcMTlI0TdaJ71AFBHBa1mcz2h5t0R5XM0nBTDmGq53RuT30QuNbAA9UPL1XcokHpU64V4jR6KYdn7bVMivwfobojf588tVZScUCiQLecQsnwm0nBWo5WDd8aA2YvtMjdHImCQb3-Z_TNjfKTVk0HwVsZRSnNwIe93-lC0emjPKL6B4FD6KXtpkx4CRrCo9Gleb3w8RZC6BZR8OKXUix6jEcvwVrHvyXcPRAqRKBAVMCaPIzkBRXePkLmAgYKRWHErUojuYj8hUhs3djvnZbLq3I0uzvf3_4UWwfYPT-T4yj2h4gEZ4oP1-WhpPjMZlWOpST9IKaN4lUyOYkDll
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timtruyen3shay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| $ function| jQuery string| siteURL string| ttazPage string| userName string| userId function| gtag object| dataLayer string| uiMode function| activeUiMode string| isLoggedIn boolean| isLoading boolean| clickedRecaptcha undefined| forgotRecaptcha undefined| registerRecaptcha undefined| malImportRecaptcha boolean| loadedRecaptcha function| checkLogin function| paginationGetData function| compareValues boolean| hideResults object| timeout function| read_noti function| loadManga object| bootstrap object| toastr function| lazyload function| LazyLoad object| Cookies function| Swiper object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state object| google_image_requests function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter object| google_tag_manager string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| GoogleGcLKhOms

9 Cookies

Domain/Path Name / Value
timtruyen3shay.com/ Name: X_CACHE_KEY
Value: 8acb261c6f5107d8d52eb3d0260074df
timtruyen3shay.com/ Name: PHPSESSID
Value: r6o6lt065n7dfsplvanvuih3g4
.timtruyen3shay.com/ Name: _ga_KJXHB2FQHH
Value: GS1.1.1691513322.1.0.1691513322.0.0.0
.timtruyen3shay.com/ Name: _ga
Value: GA1.1.1350752263.1691513323
.timtruyen3shay.com/ Name: __gads
Value: ID=3b0123cbd44852b5-22869f5d4cde00fd:T=1691513323:RT=1691513323:S=ALNI_MaU3RNi4OhCldDPYiLRiMdRnboCFQ
.timtruyen3shay.com/ Name: __gpi
Value: UID=00000d8980b38eb2:T=1691513323:RT=1691513323:S=ALNI_MYQl3SOY3EIuYg_XuqYbnvZ6UJq0g
.doubleclick.net/ Name: IDE
Value: AHWqTUlPYtqhpKC4vaHzSWBI-5btZ_LeKeTDss_B3jfT58dgq-8eqTdkhoULE4K-G3U
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://fonts.googleapis.com/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.aanetwork.vn
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.timtruyen.xyz
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
timtruyen3shay.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.186.34
2001:4860:4802:32::36
2606:4700:3035::6815:fbb
2606:4700:3037::6815:16fd
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a06:98c1:3121::3
08a367f52694c0eb65f9cd519c8fcc126d7b240c70275be4f880e50a634d5ca2
0e5f721d6793228e5609e97f89a8255d4a99d33b8030c1849147fdf7f257eb85
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
19c4e6a08bf9b620b9959cc07a67f90e76f71e7290871aa25d81300316d909d8
1a49cc1125ac1ff8ab5d8bcdb1773a8a836d2078c9f04de7fc78d47a5d569732
1ac7e2708ceae0d8f82fea9447361f61c7c946e276695a8ed6e9ca9526b716d9
23ab6ea5763fed0f4b824004f7fe8a93c561356113bd62b29b6741d0cead7af0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27b02c87b8471199ab1a64fec6d919de08d73e94c70bc935597c1bb2c51af151
2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e0d80465c556001e9f2b81705e6cf909aea6ef8613d847ea328c34143264ad2
2e225b59d575d4881369e6ee30817222ce0c74a9fda5bf6288d6819a0047e727
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f7e019c4c624a344f1a5129aac30bac664990d2c525de0df56a7d5aa8a96b96
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655b718a3840f38b9ba148576616a5c46dfedd02c852398b3792ce76a01a631c
6b781998a8eb46c3fe26f5308dfdf5c1c85f8f491aa6e4994fb5dd2f007fdc2f
6e3760c87a98c68c2d7bc327274efb7066b5af059acbe9d9ba6e6214c685c880
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
7fba37f8d0b5de5acbc7a577a33ec7f4554e344a0925cefcc5668c8ab1b4a073
81c317aba15a898bce37eb3d4ad64f787bf0fd042b42654fff9fd70e9d9f655a
87bab3532c6263a78a4801c8e54582924734d47b314676d6b8ccbe29c3c309e6
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8ff039d6fdae86970fbc418dcee3b3b4d4e2b3192a15ea73a42a1a717d3d7304
90ece0fc04ed7603cedae771f2dae18e9f370dcb0227b8a3140d971713a6d9d8
924dcf9a6327bf0f1d1b8ee4ccd04424b43b6fdd81a61ef980e57a476f76849b
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
974d8d036003eb9bb7fbb682b86c930102dce1b1843f9762b03cae16495dcf94
981e7ae07571293491f0ef050039e73e52b0d307200ca1300b69b37c18e017d0
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9ac65c511534c1b237c6dee30890dba314f116f26ce3ad4bc86de69525188af9
9da0a423111990bd5ce29fb5c866ae307e6c3b3a3c5da30a3954fadf05c3dee4
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aee407b709ce616c5453a5057299e92d704d943cbb9161f365bd7c82a3410789
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
c09a0406ed76856a110b1262ace08e670137ed77397fef0b43af4ab4054f76dc
c155090ca764a4b0a819face86685855bf7af4c04e503dfcc8716a2edb3b44a0
c635f10ed3b04776f20a73bc7989608b095228dab491bdc81d824636f6a1fa8d
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
d363bd1ae541da3e6029b84590a9fd9e2a71579af162c39fc06a08ba923cd897
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e968930446745c190d6cbdb3e761370a6a8f23beba4560d08b4d39e48ced33d7
ec692f11ac4060d32c1ae315967dc4926d04794a0ba1e68baf8c503e39e318cb
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf
f4479e5379cd4d3f7ceeea71dd1cebd8ebe346c63a45fe8a7ec4c8d9fb5d028d
f8c911058e8c282bc63fa4d56f94dec086ec285897ae30a004ee2530bb579723