checkout.thoravirilv12.com Open in urlscan Pro
2606:4700:3037::6815:2361 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thoravirilv12.com/thv/checkout/p1/
Effective URL:
https://checkout.thoravirilv12.com/
Submission: On March 11 via api (March 11th 2021, 8:38:24 pm UTC) from BR

Summary HTTP 117 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 24 domains to perform 117 HTTP transactions. The main IP is 2606:4700:3037::6815:2361, located in United States and belongs to CLOUDFLARENET, US. The main domain is checkout.thoravirilv12.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2020. Valid for: a year.

This is the only time checkout.thoravirilv12.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2606:4700:303... 2606:4700:3037::6815:2361	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:4... 2600:1901:0:4e44::	15169 (GOOGLE) (GOOGLE)
4	52.213.66.185 52.213.66.185	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7 8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7 14	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.108.145.107 104.108.145.107	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:4b:... 2a04:4e42:4b::621	54113 (FASTLY) (FASTLY)
1	2a04:4e42:4a:... 2a04:4e42:4a::621	54113 (FASTLY) (FASTLY)
117	28

19 2606:4700:3037::6815:2361 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

thoravirilv12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
checkout.thoravirilv12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:4e44:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

p1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.66.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-66-185.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

topdanet3.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 7 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 7 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.145.107 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-107.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:4b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:4a::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	thoravirilv12.com 1 redirects thoravirilv12.com checkout.thoravirilv12.com	928 KB
18	googletagmanager.com www.googletagmanager.com	745 KB
15	google.de www.google.de	2 KB
15	google.com 7 redirects www.google.com analytics.google.com	5 KB
15	doubleclick.net 7 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	13 KB
8	googleadservices.com www.googleadservices.com	21 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	82 KB
4	blogger.com www.blogger.com	56 KB
4	revcontent.com trends.revcontent.com	2 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	blogspot.com topdanet3.blogspot.com	22 KB
3	cloudflare.com ajax.cloudflare.com	12 KB
2	jsdelivr.net cdn.jsdelivr.net	361 KB
2	facebook.com www.facebook.com	624 B
1	googleapis.com fonts.googleapis.com	935 B
1	navdmp.com tag.navdmp.com	3 KB
1	outbrain.com amplify.outbrain.com tr.outbrain.com Failed	3 KB
1	facebook.net connect.facebook.net	24 KB
1	blogblog.com resources.blogblog.com	136 KB
1	googleusercontent.com themes.googleusercontent.com	23 KB
1	rtmark.net my.rtmark.net	1 KB
1	zemanta.com p1.zemanta.com	184 B
0	mgid.com Failed a.mgid.com Failed
0	meiahora.info Failed portalsaude.meiahora.info Failed
117	24

	Domain	Requested by
18	www.googletagmanager.com	ajax.cloudflare.com topdanet3.blogspot.com www.googletagmanager.com checkout.thoravirilv12.com
16	checkout.thoravirilv12.com	thoravirilv12.com checkout.thoravirilv12.com
15	www.google.de	topdanet3.blogspot.com
14	www.google.com	7 redirects topdanet3.blogspot.com
14	googleads.g.doubleclick.net	7 redirects www.googleadservices.com
8	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
5	fonts.gstatic.com	topdanet3.blogspot.com fonts.googleapis.com
4	www.blogger.com	topdanet3.blogspot.com
4	trends.revcontent.com	thoravirilv12.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	topdanet3.blogspot.com	thoravirilv12.com topdanet3.blogspot.com
3	ajax.cloudflare.com	thoravirilv12.com checkout.thoravirilv12.com
3	thoravirilv12.com	1 redirects thoravirilv12.com
2	cdn.jsdelivr.net	checkout.thoravirilv12.com cdn.jsdelivr.net
2	www.facebook.com	topdanet3.blogspot.com
1	fonts.googleapis.com	checkout.thoravirilv12.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	tag.navdmp.com	thoravirilv12.com
1	amplify.outbrain.com	thoravirilv12.com
1	connect.facebook.net	thoravirilv12.com connect.facebook.net
1	resources.blogblog.com	topdanet3.blogspot.com
1	themes.googleusercontent.com	topdanet3.blogspot.com
1	www.gstatic.com	topdanet3.blogspot.com
1	my.rtmark.net	ajax.cloudflare.com
1	p1.zemanta.com	thoravirilv12.com
0	tr.outbrain.com Failed	amplify.outbrain.com
0	a.mgid.com Failed	thoravirilv12.com
0	portalsaude.meiahora.info Failed	thoravirilv12.com
117	29

This site contains links to these domains. Also see Links.

Domain
www.youshop.com.br

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-03` - `2021-08-03`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.zemanta.com DigiCert SHA2 Secure Server CA	`2020-08-23` - `2021-09-01`	a year	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh

This page contains 3 frames:

Primary Page: https://checkout.thoravirilv12.com/
Frame ID: 3A80A0A12BB0C884BC894686332F2A54
Requests: 30 HTTP requests in this frame

Frame: https://thoravirilv12.com/thv/pixel/checkout/
Frame ID: C617ADAF883B7F94A4958AD7B2E591FF
Requests: 24 HTTP requests in this frame

Frame: https://topdanet3.blogspot.com/2019/10/thv-checkout.html
Frame ID: 28B14222B721088826A3AC760048140D
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://thoravirilv12.com/thv/checkout/p1/ Page URL
https://checkout.thoravirilv12.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

117
Requests

94 %
HTTPS

85 %
IPv6

24
Domains

29
Subdomains

28
IPs

5
Countries

2452 kB
Transfer

5464 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youshop.com.br/privacy
Title: Política de privacidade

Search URL Search Domain Scan URL

URL: https://www.youshop.com.br/terms
Title: Termos de compra

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thoravirilv12.com/thv/checkout/p1/ Page URL
https://checkout.thoravirilv12.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://thoravirilv12.com/thv/pixel/checkout HTTP 301
https://thoravirilv12.com/thv/pixel/checkout/

Request Chain 68

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=604700619&cv=9&fst=1615495085164&num=1&label=yEEGCNqzq9gBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rX9KYKalDdWox_APyauWiAc&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-conversion/611304047/?random=604700619&cv=9&fst=1615495085164&num=1&label=yEEGCNqzq9gBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=rX9KYKalDdWox_APyauWiAc&cid=CAQSKQCNIrLMjOH_gycJOMZcwYx4Zy05sELuvFZ2YMsMc4-YPtIcq0lSRXp9&random=189088681&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/611304047/?random=604700619&cv=9&fst=1615495085164&num=1&label=yEEGCNqzq9gBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=rX9KYKalDdWox_APyauWiAc&cid=CAQSKQCNIrLMjOH_gycJOMZcwYx4Zy05sELuvFZ2YMsMc4-YPtIcq0lSRXp9&random=189088681&resp=GooglemKTybQhCsO&ipr=y

Request Chain 69

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/688008293/?random=206009842&cv=9&fst=1615495085166&num=1&label=be2rCOyrvsIBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rX9KYNupDZGHgAfPur24Bg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/688008293/?random=206009842&cv=9&fst=1615495085166&num=1&label=be2rCOyrvsIBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYNupDZGHgAfPur24Bg&cid=CAQSKQCNIrLMsnsx0eXLm45UcphZnfGEZnvoJq2S3J0EWN3mnJKUAYHPKdmy&random=2360519957&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/688008293/?random=206009842&cv=9&fst=1615495085166&num=1&label=be2rCOyrvsIBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYNupDZGHgAfPur24Bg&cid=CAQSKQCNIrLMsnsx0eXLm45UcphZnfGEZnvoJq2S3J0EWN3mnJKUAYHPKdmy&random=2360519957&resp=GooglemKTybQhCsO&ipr=y

Request Chain 70

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/828003655/?random=93119500&cv=9&fst=1615495085162&num=1&label=1sjECK7BxvoBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rX9KYOWnDZfMgAeohLjwAg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/828003655/?random=93119500&cv=9&fst=1615495085162&num=1&label=1sjECK7BxvoBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYOWnDZfMgAeohLjwAg&cid=CAQSKQCNIrLMpW6OH8IpZP072hS0u2-IqtNkeGzFf4XaLWXjs5RDJe28CX87&random=2196484156&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/828003655/?random=93119500&cv=9&fst=1615495085162&num=1&label=1sjECK7BxvoBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYOWnDZfMgAeohLjwAg&cid=CAQSKQCNIrLMpW6OH8IpZP072hS0u2-IqtNkeGzFf4XaLWXjs5RDJe28CX87&random=2196484156&resp=GooglemKTybQhCsO&ipr=y

Request Chain 71

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494872910/?random=555200804&cv=9&fst=1615495085156&num=1&label=VsiECPPY0uUBEM7S_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rX9KYJOuDc6A7gOlu5nwBQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/494872910/?random=555200804&cv=9&fst=1615495085156&num=1&label=VsiECPPY0uUBEM7S_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYJOuDc6A7gOlu5nwBQ&cid=CAQSKQCNIrLMUwUqhWkUfaynx2yqXc_ydR28tYoz-4MkvsRoAZhuV0s6Ctof&random=3607279753&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/494872910/?random=555200804&cv=9&fst=1615495085156&num=1&label=VsiECPPY0uUBEM7S_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYJOuDc6A7gOlu5nwBQ&cid=CAQSKQCNIrLMUwUqhWkUfaynx2yqXc_ydR28tYoz-4MkvsRoAZhuV0s6Ctof&random=3607279753&resp=GooglemKTybQhCsO&ipr=y

Request Chain 72

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494868820/?random=276550292&cv=9&fst=1615495085160&num=1&label=kdlcCLWH1OUBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rX9KYO-uDdeVgAfykZLICA&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/494868820/?random=276550292&cv=9&fst=1615495085160&num=1&label=kdlcCLWH1OUBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYO-uDdeVgAfykZLICA&cid=CAQSKQCNIrLMO-y_9MMu2SIzt1wJJD90uI6zNdSt15bJqM8uKc5Jbh1lzYmQ&random=1492124308&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/494868820/?random=276550292&cv=9&fst=1615495085160&num=1&label=kdlcCLWH1OUBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYO-uDdeVgAfykZLICA&cid=CAQSKQCNIrLMO-y_9MMu2SIzt1wJJD90uI6zNdSt15bJqM8uKc5Jbh1lzYmQ&random=1492124308&resp=GooglemKTybQhCsO&ipr=y

Request Chain 73

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/651192104/?random=441518202&cv=9&fst=1615495085169&num=1&label=-ZQFCMSbldYBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rX9KYMysDZmP-gbHrInoBA&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/651192104/?random=441518202&cv=9&fst=1615495085169&num=1&label=-ZQFCMSbldYBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYMysDZmP-gbHrInoBA&cid=CAQSKQCNIrLMBc8tK4zP0KbUcc8Ql98fpKM06T5GgXjPwppy_XrxkgS2k3M0&random=3594821423&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/651192104/?random=441518202&cv=9&fst=1615495085169&num=1&label=-ZQFCMSbldYBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYMysDZmP-gbHrInoBA&cid=CAQSKQCNIrLMBc8tK4zP0KbUcc8Ql98fpKM06T5GgXjPwppy_XrxkgS2k3M0&random=3594821423&resp=GooglemKTybQhCsO&ipr=y

Request Chain 74

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/742021047/?random=2080984108&cv=9&fst=1615495085168&num=1&label=dOLPCL3N6MgBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rX9KYKSwDc3QgQehgrygAw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/742021047/?random=2080984108&cv=9&fst=1615495085168&num=1&label=dOLPCL3N6MgBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYKSwDc3QgQehgrygAw&cid=CAQSKQCNIrLMiAY0LwKgN42CWg3aJAyR8Gzg-miVXGXDmIRsjwfoOeZAJCyy&random=338587779&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/742021047/?random=2080984108&cv=9&fst=1615495085168&num=1&label=dOLPCL3N6MgBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYKSwDc3QgQehgrygAw&cid=CAQSKQCNIrLMiAY0LwKgN42CWg3aJAyR8Gzg-miVXGXDmIRsjwfoOeZAJCyy&random=338587779&resp=GooglemKTybQhCsO&ipr=y

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
thoravirilv12.com/thv/checkout/p1/ 1 KB
1 KB 131ms
105ms Document
text/html 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thoravirilv12.com/thv/checkout/p1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d124636b0c77bb0bb16d89822e45902d14485af50d2f0043c3d75c9c42e7691

Request headers

:method: GET
:authority: thoravirilv12.com
:scheme: https
:path: /thv/checkout/p1/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d1201aabbb90c68cfed88a601960e451e1615495084; expires=Sat, 10-Apr-21 20:38:04 GMT; path=/; domain=.thoravirilv12.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
cf-request-id: 08c49bd11f0000d6b9d9081000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DPHTFHkfKXP3uYlGIT10jBDHjGvE8phspKBnJm3LtpcgZuculeoHPr41OSWHRX0COyEG7i7w72en0e8b9ltvOBTvuUNWYLRvdwJ3dzkdUoJ%2FouOsp%2Fuo3C5Ee6LzsA%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62e79594f8b7d6b9-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 8ms
8ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/checkout/p1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 08c49bd18c00004ab6d1a8e000000001
last-modified: Thu, 04 Mar 2021 10:30:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6040b6ad-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=myvCAeC1C2c4cZX9XT%2FhvsMJQ6MZXVn1fYalAQBoUTNFwiR8pX2eI6IMV7uHjzpiiqHYfk5QJLD5DmyFS43t1j52jDBtM5EUuPC1CydG%2BmunE2TsIn%2BRA4RYK7oQSafH"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 62e79595a89b4ab6-FRA
expires: Sat, 13 Mar 2021 20:38:04 GMT

GET
H2

200

/ Show response
thoravirilv12.com/thv/pixel/checkout/ Frame C617
Redirect Chain

https://thoravirilv12.com/thv/pixel/checkout
https://thoravirilv12.com/thv/pixel/checkout/

5 KB
2 KB

100ms
100ms

Document
text/html

2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thoravirilv12.com/thv/pixel/checkout/
Requested by: Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/checkout/p1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67f4b2a6545467682314e86be5cdfc4b6474d193a3f7e1f005ff21c7213f850f

Request headers

:method: GET
:authority: thoravirilv12.com
:scheme: https
:path: /thv/pixel/checkout/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thoravirilv12.com/thv/checkout/p1/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d1201aabbb90c68cfed88a601960e451e1615495084
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thoravirilv12.com/thv/checkout/p1/

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
cf-request-id: 08c49bd1fb0000d6b9e681d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LYY%2F8NUsNqT0ni0zYig1fVhnuhmcXrUwvw6QIBXa9t7t6%2FyR9LDDxz%2BAkOCUA80RIMmHhY0SYYiV2hfD6hAlJE3yGldVpwJYhoHGzc6HWJYNgGVDBeLucqorrD99Ug%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62e795965bfed6b9-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-type: text/html; charset=iso-8859-1
location: https://thoravirilv12.com/thv/pixel/checkout/
cache-control: max-age=14400
cf-cache-status: EXPIRED
cf-request-id: 08c49bd1910000d6b9949c4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lcOXoKdl5ZN1P69IvuNEbfY8xDcjDwcJHAvIPpdvSzgzNS9YlMhoHQrL9QQhu7Mc9L%2BVoa6MhLoaApxiwzuxZjSG25t7Lr%2FPnnkxoXU9FyVLeLs3zyZRmgxm%2Fm7K5Q%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 62e79595ba6cd6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134148284-4

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

318123da89455dc6f1767aff15aebb803d29a190fff7b17941fd4afbc07b9bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40672
x-xss-protection: 0
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H2 200 /
p1.zemanta.com/p/6665/7068/ Frame C617 26 B
184 B 145ms
128ms Image
image/gif 2600:1901:0:4e44::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.zemanta.com/p/6665/7068/
Requested by: Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/pixel/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:4e44:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
via: 1.1 google
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 70dd0e2e2a6e1a954933ea3ee5e86120
x-robots-tag: none
alt-svc: clear
content-length: 26

GET
H2 200 conv.php
trends.revcontent.com/ Frame C617 49 B
420 B 108ms
37ms Image
image/gif 52.213.66.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trends.revcontent.com/conv.php?t=EGeoN26LxMrw%2BvVAEUEB3VYEwiwFQ3OYGWgv5TdKXTMA4Dnuoacvv42mvCM9sf4O

Requested by

Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/pixel/checkout/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.66.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-66-185.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:04 GMT
last-modified: Thu, 11 Mar 2021 20:38:04 GMT
server: Apache/2.4.25 (Debian)
cache-control: public, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: https://thoravirilv12.com
timestamp: 1615495084
access-control-allow-credentials: true
content-length: 49
expires: Mon, 23 Jul 2002 05:00:00 GMT

GET
H2 200 conv.php
trends.revcontent.com/ Frame C617 49 B
419 B 113ms
42ms Image
image/gif 52.213.66.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trends.revcontent.com/conv.php?t=1z4k9q1UZFOIRZZGaHnz3eW2iEfC0noGrptu7CE033r4paV09EOJoUYR6xEyzNSI

Requested by

Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/pixel/checkout/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.66.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-66-185.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:04 GMT
last-modified: Thu, 11 Mar 2021 20:38:04 GMT
server: Apache/2.4.25 (Debian)
cache-control: public, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: https://thoravirilv12.com
timestamp: 1615495084
access-control-allow-credentials: true
content-length: 49
expires: Mon, 23 Jul 2002 05:00:00 GMT

GET
H2 200 conv.php
trends.revcontent.com/ Frame C617 49 B
419 B 109ms
39ms Image
image/gif 52.213.66.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trends.revcontent.com/conv.php?t=tKJIcIku%2B4eBmeALDXrhgF64KIbdFEpB8HO76EXfiWrrsA2gftPR0GiBAPqINDt5

Requested by

Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/pixel/checkout/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.66.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-66-185.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:04 GMT
last-modified: Thu, 11 Mar 2021 20:38:04 GMT
server: Apache/2.4.25 (Debian)
cache-control: public, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: https://thoravirilv12.com
timestamp: 1615495084
access-control-allow-credentials: true
content-length: 49
expires: Mon, 23 Jul 2002 05:00:00 GMT

GET
H2 200 conv.php
trends.revcontent.com/ Frame C617 49 B
419 B 108ms
38ms Image
image/gif 52.213.66.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trends.revcontent.com/conv.php?t=3DRzHFjq6nWsHmdg4og3p%2BtjOYyWxR5CRXV2eZ1cKrU1NHveOkqyktrbgP27vq8K

Requested by

Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/pixel/checkout/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.66.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-66-185.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:04 GMT
last-modified: Thu, 11 Mar 2021 20:38:04 GMT
server: Apache/2.4.25 (Debian)
cache-control: public, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: https://thoravirilv12.com
timestamp: 1615495084
access-control-allow-credentials: true
content-length: 49
expires: Mon, 23 Jul 2002 05:00:00 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ Frame C617 12 KB
4 KB 9ms
8ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/pixel/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 08c49bd2aa00004ab6d3347000000001
last-modified: Thu, 04 Mar 2021 10:30:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6040b6ad-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yoIlnBh1N6s6RUCH6k52WbwKIZ1sWn7%2BUPZBTKWxf57klFhcOgSX%2FnTkjE1s0P4f24EdGesET%2Bg6w7GvPKdgy2i3J2VZ73OnJ6INrMAsEJB%2BsQ9u%2B50TC3Tm6ZqiYfhI"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 62e795977c2e4ab6-FRA
expires: Sat, 13 Mar 2021 20:38:04 GMT

GET
H2 200 thv-checkout.html Show response
topdanet3.blogspot.com/2019/10/ Frame 28B1 76 KB
17 KB 178ms
146ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Requested by

Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/pixel/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dfd9739abe3afecea95d7215cdfab051efcb1abca9b2a61b57d125c4ddbca241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: topdanet3.blogspot.com
:scheme: https
:path: /2019/10/thv-checkout.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thoravirilv12.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thoravirilv12.com/

Response headers

content-type: text/html; charset=UTF-8
expires: Thu, 11 Mar 2021 20:38:04 GMT
date: Thu, 11 Mar 2021 20:38:04 GMT
cache-control: private, max-age=0
last-modified: Tue, 09 Mar 2021 20:59:45 GMT
etag: W/"d1769c8bded95b7b353f0b4a62775aa5d36707a07d09139272f0f496972af0ed"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 16934
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p.js Show response
my.rtmark.net/ Frame C617 697 B
1 KB 54ms
16ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=540f87a17e69ae430d5a7f0f80ed5e3299e3a8c4862332cba2b06e01485d71f2

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ca1524469c8412c2b8a4f9e013a22febed098ccc5a0a39735d50fd7ba3072c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame C617 101 KB
40 KB 49ms
34ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134148284-4

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4664af379943818097a6ae4ed6a8e89ab11b99c142d1ff2acec821287033e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40671
x-xss-protection: 0
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H2 200 clipboard.min.js Show response
www.gstatic.com/external_hosted/clipboardjs/ Frame 28B1 12 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4096
x-xss-protection: 0
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ Frame 28B1 1 B
684 B 127ms
108ms Stylesheet
text/css 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8654334594673253598&zx=d485be38-cd96-44c0-86c7-887cf2eb52dd

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 20:38:04 GMT
server: GSE
date: Thu, 11 Mar 2021 20:38:04 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sprite_v1_6.css.svg
topdanet3.blogspot.com/responsive/ Frame 28B1 7 KB
2 KB 40ms
27ms Other
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://topdanet3.blogspot.com/responsive/sprite_v1_6.css.svg

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/2019/10/thv-checkout.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 11:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 05:10:33 GMT
server: sffe
age: 551105
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2244
x-xss-protection: 0
expires: Fri, 12 Mar 2021 11:32:59 GMT

GET
H2 200 image
themes.googleusercontent.com/ Frame 28B1 23 KB
23 KB 51ms
50ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w480

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3b68bfef6a47beecaa079bc2f4d0e3206612b61c1b8a4cad9e2d6f2a48553c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23514
x-xss-protection: 0
expires: Fri, 12 Mar 2021 20:38:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 28B1 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://topdanet3.blogspot.com
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 265577
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:51:47 GMT

GET
H2 200 tr
www.facebook.com/ Frame 28B1 44 B
410 B 21ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=183827116585427&ev=Purchase&cd[value]=0.01&cd[currency]=BRL

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H2 200 tr
www.facebook.com/ Frame 28B1 44 B
214 B 22ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=183827116585427&ev=InitiateCheckout&cd[value]=0.01&cd[currency]=BRL

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 34ms
31ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-688008293

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45228ea914f36541f0614b0fb14da369783a1823c4c09da4fe2d72610f2d0228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39758
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 20:17:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-742021047

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7d6e7b623e899c30f60a5e487234681a2f1e9a6460dbac661dc335a4aa55936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39756
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 20:17:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-651192104

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f36eff55d3618a2d0c8ebe4ca5656b0d7e233f7ee8fbeba027fd6ce24d5cefb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39760
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 20:17:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-611304047

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d64ff2267b04d541d1cdaf2686b02f22e9a368f0c63de3c1daf698789392f404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39757
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-494872910

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95cfd71f9a1f739ef638158ff42c689960fc00974d0ac330236277f5e7e36c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39761
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-494868820

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3292d4d79f3485f1a6f24423485a23c3a362d0b2faf83d64c7ffd107a0215f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39757
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 20:17:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 40ms
38ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-828003655

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82212abf37b138d899229f2bf8892d2fb18d3b5809daeae63a1469e694baa775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39759
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:04 GMT

GET
H2 200 149390559-indie_compiled.js Show response
resources.blogblog.com/blogblog/data/res/ Frame 28B1 136 KB
136 KB 40ms
5ms Script
text/javascript 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.blogblog.com/blogblog/data/res/149390559-indie_compiled.js

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f82c5904c7e5d41746a5fb635db74b1d666dc1253479deffa6e6fbdcb26d1486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 01:45:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 01:28:13 GMT
server: sffe
age: 154382
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139308
x-xss-protection: 0
expires: Wed, 17 Mar 2021 01:45:02 GMT

GET
H3-Q050 200 cookienotice.js Show response
topdanet3.blogspot.com/js/ Frame 28B1 6 KB
2 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://topdanet3.blogspot.com/js/cookienotice.js

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/2019/10/thv-checkout.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 15:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 06 Mar 2021 14:05:06 GMT
server: sffe
age: 450537
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2026
x-xss-protection: 0
expires: Sat, 13 Mar 2021 15:29:07 GMT

GET
H2 200 981256326-widgets.js Show response
www.blogger.com/static/v1/widgets/ Frame 28B1 143 KB
52 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/981256326-widgets.js

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ae73c00f1bc9e476f0ce687b3ee029bcb94529b542f0ee0a6d8a2242639e8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 01:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 00:13:48 GMT
server: sffe
age: 241414
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53138
x-xss-protection: 0
expires: Wed, 09 Mar 2022 01:34:30 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 28B1 15 KB
16 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://topdanet3.blogspot.com
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 89133
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 10 Mar 2022 19:52:31 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-688008293&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-742021047

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2ea6be3c1cd9cb33672e86e2a104f300c820b6cbd9342f0a3ae22d52aec1363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39799
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 20:17:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:05 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-651192104&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-742021047

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9f12dbc8b7c1dcabfc343fde65615a282b441ac9aa9600ad6a9008deb315118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39791
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 20:17:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:05 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-611304047&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-742021047

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

425f933992675b59777e6ffa75cabbf0a5f65f0f4dc707fdc99af729881b5e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39793
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:05 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-494872910&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-742021047

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76486ef2e00b29afb457ed916351c145fa6fbf5895621010f79fea859d357977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39796
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:05 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-494868820&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-742021047

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2d16054300d92de947ab6583ea4e8cd36b612fd22b23d54d067083ca88d7d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39794
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 20:17:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:05 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 28B1 99 KB
39 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-828003655&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-742021047

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3e78631f12087bcfffacd112061e2b059d7a07cc5d504fa9a9c8db66e81e63b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39794
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 20:17:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 20:38:05 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 28B1 32 KB
13 KB 86ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-688008293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

08e8886e305db1744d2c9f1439f28abc73bef383f7a14da5f6e45e3f9e905cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12597
x-xss-protection: 0
server: cafe
etag: 5966996634223651104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 20:38:05 GMT

GET
H3-Q050 200 blogger_logo_round_35.png
www.blogger.com/img/ Frame 28B1 2 KB
3 KB 35ms
21ms Image
image/png 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/blogger_logo_round_35.png

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:00:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 03:07:53 GMT
server: sffe
age: 74252
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2531
x-xss-protection: 0
expires: Thu, 18 Mar 2021 00:00:33 GMT

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ Frame 28B1 1 B
669 B 114ms
114ms Stylesheet
text/css 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8654334594673253598&zx=d485be38-cd96-44c0-86c7-887cf2eb52dd

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 20:38:05 GMT
server: GSE
date: Thu, 11 Mar 2021 20:38:05 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/494872910/ Frame 28B1 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494872910/?random=1615495085153&cv=9&fst=1615495085153&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c2161610f797d0f0d1f1b8c3a751f37bf87bafd077a827f10f57fd15c8057bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/494872910/ Frame 28B1 2 KB
1 KB 78ms
46ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/494872910/?random=1615495085156&cv=9&fst=1615495085156&num=1&label=VsiECPPY0uUBEM7S_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

4e87591a71ef02562c2b2f0a71dda94ae22f2b38200ed2c3312a292dee4b13cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1156
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/494868820/ Frame 28B1 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494868820/?random=1615495085159&cv=9&fst=1615495085159&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa7dc0fa6f86c52c416e2245b854d9f66383c52986ae1dbca28bde2828fe5590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/494868820/ Frame 28B1 2 KB
1 KB 75ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/494868820/?random=1615495085160&cv=9&fst=1615495085160&num=1&label=kdlcCLWH1OUBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

acde74766da3402f9e038db3adf5528eb92357df36af596d4f891a0074bb57be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1155
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/828003655/ Frame 28B1 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/828003655/?random=1615495085162&cv=9&fst=1615495085162&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26414913ee93000d21a9504bffb739844b08c1a99549634969b85b8edc9d665d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/828003655/ Frame 28B1 2 KB
1 KB 72ms
46ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/828003655/?random=1615495085162&cv=9&fst=1615495085162&num=1&label=1sjECK7BxvoBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

65f90889081bbc6072c000289006ae8eec0cfd8f6971b1fb216edcf02cca68c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1153
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/ Frame 28B1 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1615495085163&cv=9&fst=1615495085163&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9917891c4b12e1e59ef7f0482d75dd66ddb12c8dd875b238c25f4b562b1111eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/611304047/ Frame 28B1 2 KB
2 KB 69ms
45ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/611304047/?random=1615495085164&cv=9&fst=1615495085164&num=1&label=yEEGCNqzq9gBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ca415049160801481bc6f6edd9335236def58d1b71d93dd6ec63c991926cfc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1159
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/688008293/ Frame 28B1 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/688008293/?random=1615495085165&cv=9&fst=1615495085165&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83b5ce33a06489d5de5cb3e68bf2918226c8b3d6c90f359e151ee5c3c6486c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/688008293/ Frame 28B1 2 KB
1 KB 68ms
46ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/688008293/?random=1615495085166&cv=9&fst=1615495085166&num=1&label=be2rCOyrvsIBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

df1f710f7b9c8b57c2688137678db8afe56c8fe85c99ef2eca9dcd5069d1b6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1154
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/742021047/ Frame 28B1 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/742021047/?random=1615495085167&cv=9&fst=1615495085167&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e32cc4b11cbcc6b484a54bd09788323e81ae026c97633c3830183f3d52498a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/742021047/ Frame 28B1 2 KB
1 KB 69ms
48ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/742021047/?random=1615495085168&cv=9&fst=1615495085168&num=1&label=dOLPCL3N6MgBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

15527279240d72d3229ecbebe67d830620c4b757db114c3e1fb4b11699145ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1158
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/651192104/ Frame 28B1 2 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/651192104/?random=1615495085169&cv=9&fst=1615495085169&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d3ea95b56472d03178b0ac829ca7434a22490dbd651e546c1fe6d7e3f826692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/651192104/ Frame 28B1 2 KB
1 KB 67ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/651192104/?random=1615495085169&cv=9&fst=1615495085169&num=1&label=-ZQFCMSbldYBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b8d577b63fd5edcd4f588f2ee5757eaf63605a99d87b810417f4854db8b418d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1156
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/494872910/ Frame 28B1 42 B
109 B 38ms
37ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/494872910/?random=1615495085153&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=2433851064&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/494872910/ Frame 28B1 42 B
108 B 30ms
29ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/494872910/?random=1615495085153&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=2433851064&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/494868820/ Frame 28B1 42 B
109 B 37ms
33ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/494868820/?random=1615495085159&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=1827687232&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/494868820/ Frame 28B1 42 B
108 B 41ms
37ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/494868820/?random=1615495085159&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=1827687232&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/828003655/ Frame 28B1 42 B
109 B 30ms
27ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/828003655/?random=1615495085162&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=748643449&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/828003655/ Frame 28B1 42 B
108 B 21ms
18ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/828003655/?random=1615495085162&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=748643449&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/611304047/ Frame 28B1 42 B
109 B 38ms
37ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/611304047/?random=1615495085163&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=83090367&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/611304047/ Frame 28B1 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/611304047/?random=1615495085163&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=83090367&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/688008293/ Frame 28B1 42 B
109 B 23ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/688008293/?random=1615495085165&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=248196664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/688008293/ Frame 28B1 42 B
108 B 21ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/688008293/?random=1615495085165&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=248196664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/742021047/ Frame 28B1 42 B
109 B 23ms
21ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/742021047/?random=1615495085167&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=3585945630&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/742021047/ Frame 28B1 42 B
66 B 43ms
28ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/742021047/?random=1615495085167&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=3585945630&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/651192104/ Frame 28B1 42 B
321 B 21ms
21ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/651192104/?random=1615495085169&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=2728588546&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/651192104/ Frame 28B1 42 B
530 B 40ms
26ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/651192104/?random=1615495085169&cv=9&fst=1615492800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&async=1&fmt=3&is_vtc=1&random=2728588546&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/611304047/ Frame 28B1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=604700619&cv=9&fst=1615495085164&num=1&label=yEEGCNqzq9gBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/611304047/?random=604700619&cv=9&fst=1615495085164&num=1&label=yEEGCNqzq9gBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/611304047/?random=604700619&cv=9&fst=1615495085164&num=1&label=yEEGCNqzq9gBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
66 B

22ms
21ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/611304047/?random=604700619&cv=9&fst=1615495085164&num=1&label=yEEGCNqzq9gBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=rX9KYKalDdWox_APyauWiAc&cid=CAQSKQCNIrLMjOH_gycJOMZcwYx4Zy05sELuvFZ2YMsMc4-YPtIcq0lSRXp9&random=189088681&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/611304047/?random=604700619&cv=9&fst=1615495085164&num=1&label=yEEGCNqzq9gBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=rX9KYKalDdWox_APyauWiAc&cid=CAQSKQCNIrLMjOH_gycJOMZcwYx4Zy05sELuvFZ2YMsMc4-YPtIcq0lSRXp9&random=189088681&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/688008293/ Frame 28B1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/688008293/?random=206009842&cv=9&fst=1615495085166&num=1&label=be2rCOyrvsIBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/688008293/?random=206009842&cv=9&fst=1615495085166&num=1&label=be2rCOyrvsIBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/688008293/?random=206009842&cv=9&fst=1615495085166&num=1&label=be2rCOyrvsIBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
66 B

22ms
21ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/688008293/?random=206009842&cv=9&fst=1615495085166&num=1&label=be2rCOyrvsIBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYNupDZGHgAfPur24Bg&cid=CAQSKQCNIrLMsnsx0eXLm45UcphZnfGEZnvoJq2S3J0EWN3mnJKUAYHPKdmy&random=2360519957&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/688008293/?random=206009842&cv=9&fst=1615495085166&num=1&label=be2rCOyrvsIBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYNupDZGHgAfPur24Bg&cid=CAQSKQCNIrLMsnsx0eXLm45UcphZnfGEZnvoJq2S3J0EWN3mnJKUAYHPKdmy&random=2360519957&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/828003655/ Frame 28B1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/828003655/?random=93119500&cv=9&fst=1615495085162&num=1&label=1sjECK7BxvoBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
https://www.google.com/pagead/1p-conversion/828003655/?random=93119500&cv=9&fst=1615495085162&num=1&label=1sjECK7BxvoBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
https://www.google.de/pagead/1p-conversion/828003655/?random=93119500&cv=9&fst=1615495085162&num=1&label=1sjECK7BxvoBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...

42 B
66 B

38ms
38ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/828003655/?random=93119500&cv=9&fst=1615495085162&num=1&label=1sjECK7BxvoBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYOWnDZfMgAeohLjwAg&cid=CAQSKQCNIrLMpW6OH8IpZP072hS0u2-IqtNkeGzFf4XaLWXjs5RDJe28CX87&random=2196484156&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/828003655/?random=93119500&cv=9&fst=1615495085162&num=1&label=1sjECK7BxvoBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYOWnDZfMgAeohLjwAg&cid=CAQSKQCNIrLMpW6OH8IpZP072hS0u2-IqtNkeGzFf4XaLWXjs5RDJe28CX87&random=2196484156&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/494872910/ Frame 28B1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494872910/?random=555200804&cv=9&fst=1615495085156&num=1&label=VsiECPPY0uUBEM7S_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/494872910/?random=555200804&cv=9&fst=1615495085156&num=1&label=VsiECPPY0uUBEM7S_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/494872910/?random=555200804&cv=9&fst=1615495085156&num=1&label=VsiECPPY0uUBEM7S_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
66 B

22ms
21ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/494872910/?random=555200804&cv=9&fst=1615495085156&num=1&label=VsiECPPY0uUBEM7S_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYJOuDc6A7gOlu5nwBQ&cid=CAQSKQCNIrLMUwUqhWkUfaynx2yqXc_ydR28tYoz-4MkvsRoAZhuV0s6Ctof&random=3607279753&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/494872910/?random=555200804&cv=9&fst=1615495085156&num=1&label=VsiECPPY0uUBEM7S_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYJOuDc6A7gOlu5nwBQ&cid=CAQSKQCNIrLMUwUqhWkUfaynx2yqXc_ydR28tYoz-4MkvsRoAZhuV0s6Ctof&random=3607279753&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/494868820/ Frame 28B1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494868820/?random=276550292&cv=9&fst=1615495085160&num=1&label=kdlcCLWH1OUBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/494868820/?random=276550292&cv=9&fst=1615495085160&num=1&label=kdlcCLWH1OUBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/494868820/?random=276550292&cv=9&fst=1615495085160&num=1&label=kdlcCLWH1OUBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
66 B

22ms
22ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/494868820/?random=276550292&cv=9&fst=1615495085160&num=1&label=kdlcCLWH1OUBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYO-uDdeVgAfykZLICA&cid=CAQSKQCNIrLMO-y_9MMu2SIzt1wJJD90uI6zNdSt15bJqM8uKc5Jbh1lzYmQ&random=1492124308&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/494868820/?random=276550292&cv=9&fst=1615495085160&num=1&label=kdlcCLWH1OUBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYO-uDdeVgAfykZLICA&cid=CAQSKQCNIrLMO-y_9MMu2SIzt1wJJD90uI6zNdSt15bJqM8uKc5Jbh1lzYmQ&random=1492124308&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/651192104/ Frame 28B1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/651192104/?random=441518202&cv=9&fst=1615495085169&num=1&label=-ZQFCMSbldYBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/651192104/?random=441518202&cv=9&fst=1615495085169&num=1&label=-ZQFCMSbldYBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/651192104/?random=441518202&cv=9&fst=1615495085169&num=1&label=-ZQFCMSbldYBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
66 B

40ms
40ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/651192104/?random=441518202&cv=9&fst=1615495085169&num=1&label=-ZQFCMSbldYBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYMysDZmP-gbHrInoBA&cid=CAQSKQCNIrLMBc8tK4zP0KbUcc8Ql98fpKM06T5GgXjPwppy_XrxkgS2k3M0&random=3594821423&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/651192104/?random=441518202&cv=9&fst=1615495085169&num=1&label=-ZQFCMSbldYBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYMysDZmP-gbHrInoBA&cid=CAQSKQCNIrLMBc8tK4zP0KbUcc8Ql98fpKM06T5GgXjPwppy_XrxkgS2k3M0&random=3594821423&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/742021047/ Frame 28B1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/742021047/?random=2080984108&cv=9&fst=1615495085168&num=1&label=dOLPCL3N6MgBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/742021047/?random=2080984108&cv=9&fst=1615495085168&num=1&label=dOLPCL3N6MgBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/742021047/?random=2080984108&cv=9&fst=1615495085168&num=1&label=dOLPCL3N6MgBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
66 B

20ms
20ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/742021047/?random=2080984108&cv=9&fst=1615495085168&num=1&label=dOLPCL3N6MgBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYKSwDc3QgQehgrygAw&cid=CAQSKQCNIrLMiAY0LwKgN42CWg3aJAyR8Gzg-miVXGXDmIRsjwfoOeZAJCyy&random=338587779&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/10/thv-checkout.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/742021047/?random=2080984108&cv=9&fst=1615495085168&num=1&label=dOLPCL3N6MgBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F10%2Fthv-checkout.html&ref=https%3A%2F%2Fthoravirilv12.com%2F&tiba=thv-checkout&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rX9KYKSwDc3QgQehgrygAw&cid=CAQSKQCNIrLMiAY0LwKgN42CWg3aJAyR8Gzg-miVXGXDmIRsjwfoOeZAJCyy&random=338587779&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST tracker.php
portalsaude.meiahora.info/tools/ Frame C617 0
0

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ Frame C617 91 KB
24 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/checkout/p1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: kufy3S/Hhh1V8Elnt5YcuRinns/vWQ4zsjxulek4uq6gotQC6syrIZg24krEErhaWI8A6kxisBi+4v6olsP6Sg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 11 Mar 2021 20:38:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET mgsensor.js
a.mgid.com/ Frame C617 0
0

GET
H/1.1 200
OK obtp.js
amplify.outbrain.com/cp/ Frame C617 7 KB
3 KB 87ms
28ms Script
application/x-javascript 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/checkout/p1/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 20:38:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jan 2021 14:42:51 GMT
Server: AkamaiNetStorage
ETag: "c43e7f1b0459d05cce32768dd16af59b:1611585771.492103"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2864
Expires: Thu, 11 Mar 2021 20:58:05 GMT

GET
H2 200 universal.min.js
tag.navdmp.com/ Frame C617 8 KB
3 KB 42ms
19ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/checkout/p1/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 716
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 08c49bd56100002bf2008a1000000001
last-modified: Tue, 05 Feb 2019 21:24:03 GMT
server: cloudflare
etag: W/"5c59fef3-1f1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 62e7959bcad52bf2-FRA
expires: Thu, 11 Mar 2021 21:26:09 GMT

GET
H2 200 Primary Request / Show response
checkout.thoravirilv12.com/ 1 KB
848 B 124ms
111ms Document
text/html 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.thoravirilv12.com/
Requested by: Host: thoravirilv12.com
URL: https://thoravirilv12.com/thv/checkout/p1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f43cf58f01255b3aab0ac2e53579a11f3a6221d4f6be022af4f739319a072d89

Request headers

:method: GET
:authority: checkout.thoravirilv12.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://thoravirilv12.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d1201aabbb90c68cfed88a601960e451e1615495084
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thoravirilv12.com/

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 07 Jan 2021 15:07:34 GMT
cache-control: max-age=14400
cf-cache-status: HIT
cf-request-id: 08c49bd5620000d6b9fc842000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q20N%2FjzYU3xZ%2FaJIJBgDZKlD%2B1plZ%2F45v%2FfIpfkQXZACaSasLFCix35i9u1EPjfI%2BI5q2Yb6eVrfbmeiDEme8djZUC0tZnZ2dTsEjY1QCFeSyFh%2BHuu%2FTU6eQiC7QbAJeEODApqrNg%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62e7959bcb9fd6b9-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-Q050 200 js
www.googletagmanager.com/gtag/ Frame C617 140 KB
53 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HK0HECW7JZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134148284-4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54495
x-xss-protection: 0
expires: Thu, 11 Mar 2021 20:38:05 GMT

GET
H3-Q050 200 js
www.googletagmanager.com/gtag/ 140 KB
53 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HK0HECW7JZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134148284-4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54495
x-xss-protection: 0
expires: Thu, 11 Mar 2021 20:38:05 GMT

GET 848465672343139
connect.facebook.net/signals/config/ Frame C617 0
0

POST
H2 204 collect
analytics.google.com/g/ Frame C617 0
169 B 15ms
14ms Other
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HK0HECW7JZ&gtm=2oe330&_p=1270055838&sr=1600x1200&_gaz=1&ul=en-us&cid=1987984477.1615495085&_s=1&dl=https%3A%2F%2Fthoravirilv12.com%2Fthv%2Fpixel%2Fcheckout%2F&dr=https%3A%2F%2Fthoravirilv12.com%2Fthv%2Fcheckout%2Fp1%2F&dt=&sid=1615495085&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_eu=C
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HK0HECW7JZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thoravirilv12.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame C617 0
75 B 15ms
15ms Other
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HK0HECW7JZ&cid=1987984477.1615495085&gtm=2oe330&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HK0HECW7JZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thoravirilv12.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ Frame C617 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134148284-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2130
date: Thu, 11 Mar 2021 20:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 11 Mar 2021 22:02:35 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ Frame C617 42 B
65 B 30ms
29ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HK0HECW7JZ&cid=1987984477.1615495085&gtm=2oe330&aip=1&z=395465292

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect
www.google-analytics.com/j/ Frame C617 1 B
388 B 46ms
12ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1270055838&t=pageview&_s=1&dl=https%3A%2F%2Fthoravirilv12.com%2Fthv%2Fpixel%2Fcheckout%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1x1&je=0&_u=ICDACUABBAAAAC~&jid=1091937265&gjid=854640827&cid=1987984477.1615495085&tid=UA-134148284-4&_gid=543565401.1615495085&_r=1&gtm=2ou330&z=1741375132

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thoravirilv12.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET cachedClickId
tr.outbrain.com/ Frame C617 0
0

GET unifiedPixel
tr.outbrain.com/ Frame C617 0
0

POST collect
analytics.google.com/g/ 0
0

POST collect
analytics.google.com/g/ Frame C617 0
0

GET
H2 200 app.81bebf62.css
checkout.thoravirilv12.com/css/ 8 KB
2 KB 346ms
344ms Stylesheet
text/css 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.thoravirilv12.com/css/app.81bebf62.css
Requested by: Host: checkout.thoravirilv12.com
URL: https://checkout.thoravirilv12.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f538f8dfb4c770a8ab71f47eee3ec5f4441e99e67ecdae65e5086dbf3437b7b

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8393
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c49bd5dc0000d6b9aa3c3000000001
last-modified: Thu, 07 Jan 2021 15:07:39 GMT
server: cloudflare
etag: W/"20c9-5b850cd0340f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2xSoU2C9kmh6LsNpidMWqZpwTYUEt%2FxE4BVu9jtTofgIzhDAfYtFFCftd%2FtsjntEQaUWO663Z6IlFwWQDoWe3Xr8SUI7UrnPsruFqcs%2BW%2F0CwGvMlvWghT5CPAMCQlPVTqdaE%2F6wPg%3D%3D"}]}
content-type: text/css
cache-control: max-age=14400
cf-ray: 62e7959c9ca2d6b9-FRA
cf-bgj: minify

GET
H2 200 chunk-vendors.ed0a1681.css
checkout.thoravirilv12.com/css/ 362 KB
31 KB 147ms
145ms Stylesheet
text/css 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.thoravirilv12.com/css/chunk-vendors.ed0a1681.css
Requested by: Host: checkout.thoravirilv12.com
URL: https://checkout.thoravirilv12.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b3c12fec8862bd6062f3a9656f973da9efeb023327a72d5488aa78fc40014a8

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=370446
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c49bd5dc0000d6b9e6851000000001
last-modified: Thu, 07 Jan 2021 15:07:39 GMT
server: cloudflare
etag: W/"5a70e-5b850ccfa76ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I8Nhsje24JLA3OxsHRgSwEsgQiCk0mEuP9z%2FjfdSrPXt2IVx09fB92HsV8kmt7O75mFu%2BA%2Bh5VEPlgpxgRCd7q3lvNHoDDbzaf6lt7lXR79a8mlcNjkS025szcHAW05%2BBq8JTmAHoQ%3D%3D"}]}
content-type: text/css
cache-control: max-age=14400
cf-ray: 62e7959c9ca4d6b9-FRA
cf-bgj: minify

GET
H2 200 app.43d10655.js Show response
checkout.thoravirilv12.com/js/ 48 KB
12 KB 106ms
105ms Script
application/javascript 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.thoravirilv12.com/js/app.43d10655.js
Requested by: Host: checkout.thoravirilv12.com
URL: https://checkout.thoravirilv12.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c003faffaa51f583ea10f541a0b3a6ebb0a564da6c1635bcf61ad8ba643c3025

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=48894
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c49bd5e00000d6b983871000000001
last-modified: Thu, 07 Jan 2021 15:07:47 GMT
server: cloudflare
etag: W/"befe-5b850cd7bbd0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0pbRF9PMsP9dem4D1QFomWSFU701d7%2F48PO3gZ%2F3JUKnRhC4ugLKdW4zGezZ1b8BAXDsMZe2LRLgHmlsFqSgTggGc0E0pVze0%2FWdT%2F2TKXz3Xf8S%2FrLf5UdnuzOB2d1vYww3Mtw%2FOA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62e7959c9ca6d6b9-FRA
cf-bgj: minify

GET
H2 200 chunk-vendors.6f4ca678.js Show response
checkout.thoravirilv12.com/js/ 1 MB
243 KB 337ms
336ms Script
application/javascript 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.thoravirilv12.com/js/chunk-vendors.6f4ca678.js
Requested by: Host: checkout.thoravirilv12.com
URL: https://checkout.thoravirilv12.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c57a43fd56028807f0131efdf2409916692fb8189dd61eb95a818fbdabb9d86b

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1168638
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c49bd5de0000d6b9e8b74000000001
last-modified: Thu, 07 Jan 2021 15:07:50 GMT
server: cloudflare
etag: W/"11d4fe-5b850cda08b09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YpKe4MRnplTWtITIg%2FSpS60BoLDegpuAG7jSrVwsDnvVhGhztUXUg%2B1ukXFMbTL3zDqCSAtgz7x5Gbxmna6k%2FqN6uLNtIUMP4uU37cGVjWmcuXyfVCRTx5VeZI96gbre8egjmSs0cA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62e7959c9ca9d6b9-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 12 KB
935 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: checkout.thoravirilv12.com
URL: https://checkout.thoravirilv12.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5befcf8157923690acf161db9d9f1a2f095020b98ea3e341eb432454796fd53d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 20:00:25 GMT
server: ESF
date: Thu, 11 Mar 2021 20:38:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 20:38:05 GMT

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 268 KB
43 KB 21ms
21ms Stylesheet
text/css 2a04:4e42:4b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Requested by

Host: checkout.thoravirilv12.com
URL: https://checkout.thoravirilv12.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:4b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9b9c9c2d93395ec8f6a7e8220ace8030af3cd8ce73ec9b67f57e4712b54432cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 34698
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 44082
etag: W/"42ee2-CKTXny4oZWgGaKw+ActLLIvSXKE"
x-served-by: cache-fra19169-FRA, cache-lon4251-LON
date: Thu, 11 Mar 2021 20:38:05 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 19ms
19ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: checkout.thoravirilv12.com
URL: https://checkout.thoravirilv12.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 08c49bd5e300004ab6a7257000000001
last-modified: Thu, 04 Mar 2021 10:30:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6040b6ad-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ItTZ5QQN2baoH5HTLoe1FCFFiBnrb9ETX5kAT3RosR0qGEySh7Kkwa2BGUePNupKUlkKT2qJhhAmaQIPNDW8yWLNgv0BE8WTCDWm9MJSbSeeD1HMCMN3vTeuBQtHJ8ac"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 62e7959c9e164ab6-FRA
expires: Sat, 13 Mar 2021 20:38:05 GMT

GET
H2 200 scripts.js Show response
checkout.thoravirilv12.com/tv/1frasco/ 0
439 B 285ms
284ms Script
text/javascript 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.thoravirilv12.com/tv/1frasco/scripts.js
Requested by: Host: checkout.thoravirilv12.com
URL: https://checkout.thoravirilv12.com/js/chunk-vendors.6f4ca678.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:06 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
cart
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08c49bd8cd0000d6b98d0b0000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RQea06huWrT9qr3mxnhhNq%2BuJpjM7qmH10X%2FUdLffsv%2FcBDU03RK%2BuangWAnzXqi%2BXfAf%2FsKO75cZjVTxyUmINbZ3dGyohnIQJLEhnWhvr%2BLy2i9V38YvxBdduFtRkol9nmp3j9n%2FQ%3D%3D"}]}
content-type: text/javascript; charset=utf-8
access-control-expose-headers: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 62e795a14b30d6b9-FRA

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://checkout.thoravirilv12.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 265579
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:51:47 GMT

GET
H2 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/ 318 KB
318 KB 83ms
28ms Font
font/woff2 2a04:4e42:4a::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=5.9.55

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:4a::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://checkout.thoravirilv12.com
Referer: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 14430
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 325244
etag: W/"4f67c-W8lIr//mYzY5FU4CS/BHzz74EyY"
x-served-by: cache-fra19141-FRA, cache-man4128-MAN
date: Thu, 11 Mar 2021 20:38:06 GMT
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://checkout.thoravirilv12.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 267027
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:27:39 GMT

GET
H2 200 visa.bc99b100.svg
checkout.thoravirilv12.com/img/ 2 KB
1 KB 106ms
104ms Image
image/svg+xml 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkout.thoravirilv12.com/img/visa.bc99b100.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29f5a1dbf08c8d0e63ab98f97aa44fe7c5e24c1ebfd1db5bcfdb51bb7e8380c

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 15:07:43 GMT
server: cloudflare
etag: W/"858-5b850cd341519"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=di1SAmpLyOnk068KlbE1jmbyIAmWBMf4PsX7vG6qj%2BEnI9OsPhlbDo1%2Bd%2FjEpPldKEgyzVGB5K85ehX4KidFbPlIiRE5Lt38Ly59dVSvw3p%2BiGUfb%2B4uKqnATpiICwpLWE7S%2F%2BD5OA%3D%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 62e795a1dbefd6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c49bd92b0000d6b9f4186000000001

GET
H2 200 mastercard.5cae66c5.svg
checkout.thoravirilv12.com/img/ 8 KB
3 KB 108ms
106ms Image
image/svg+xml 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkout.thoravirilv12.com/img/mastercard.5cae66c5.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e13c98f90243b4bcdc23cdf190d512cde3e7e76bffb0d322243ef91037532a94

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 15:07:43 GMT
server: cloudflare
etag: W/"1e2a-5b850cd343459"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VnTNJDSZ8Po9u4otjv0AkvQdbTOWx53D%2Foq0bx1ryDvCSPN1KkSTl87TW2tA8dgIIDVfm%2FlmRR14PUmKlGbzJsR3MtYOBpwMbtVgIp%2FffUXtFBtZ4Zp%2FFFeaNdMxyikITex70weMbQ%3D%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 62e795a1dbf0d6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c49bd92e0000d6b99c152000000001

GET
H2 200 hiper.3bbe5210.svg
checkout.thoravirilv12.com/img/ 38 KB
17 KB 109ms
107ms Image
image/svg+xml 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkout.thoravirilv12.com/img/hiper.3bbe5210.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0b696373438c4c6181437e88b8cd09784af9b05dc9bd9f0b99d5ada3ccf6e9a

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 15:07:45 GMT
server: cloudflare
etag: W/"996c-5b850cd557812"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FlPvvDZZuyFCc0oSSiZVGfcuh23N3CI0DHlt7ft1cY2KWrDLwCEkbWsx6VkvRVpIiUJa0iE%2B3KA4CX8u3x80tfvXNyzBSBTm3fPkT8a%2B6TdEF4vClOtKkH8zbVrOwg01GVWo6%2BJEmg%3D%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 62e795a1dbf1d6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c49bd92b0000d6b9e08a3000000001

GET
H2 200 amex.c29d0029.svg
checkout.thoravirilv12.com/img/ 7 KB
3 KB 110ms
108ms Image
image/svg+xml 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkout.thoravirilv12.com/img/amex.c29d0029.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ef143e017b511a33dc3a75a7f6a45d1b957ae91865b826146accfcea27bdff6

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 15:07:44 GMT
server: cloudflare
etag: W/"1bfb-5b850cd449f85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7zQpuUT8snVE5MW3oPyRVQ8W0bhf5qRJH4GflrZw7YPv573BRNkC6Xar7HO3L500V5STHd1InfdKg8rN1orJMr8Duk8I6yAP7wHJ5ffQ2d0qfzQKnEcVu1ldN5Ug9JPJltjMvgFHLQ%3D%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 62e795a1dbf2d6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c49bd92b0000d6b9b5ad4000000001

GET
H2 200 diners.aa79e1b9.svg
checkout.thoravirilv12.com/img/ 1 KB
1 KB 100ms
99ms Image
image/svg+xml 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkout.thoravirilv12.com/img/diners.aa79e1b9.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1236c076d292caf1d10f5a18f5c7ea1639596f72b82c4396460c2cd5c8922c11

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 15:07:44 GMT
server: cloudflare
etag: W/"59d-5b850cd4cec8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=222K4s3KcQA09WZf6KFIWy2PB5IxhU1o05rxHsgxDNGII4ZRQC0KoSQApfpLF9x6hE7HVaC0hQ8BCUTpaLq%2BStNHks478vhPaHyPZHrdnmG4qjvIN0l%2F1Ng%2FAJ4SdL4SECoaGpO%2B4w%3D%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 62e795a1dbf4d6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c49bd92c0000d6b9aa3f3000000001

GET
H2 200 elo.94f78f34.svg
checkout.thoravirilv12.com/img/ 4 KB
2 KB 120ms
119ms Image
image/svg+xml 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkout.thoravirilv12.com/img/elo.94f78f34.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55f0da7dfca204cd3e127b7927e3bbf350586c3f0445dcb7e3d934156b8853c

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 15:07:44 GMT
server: cloudflare
etag: W/"eea-5b850cd449f85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s%2B%2FOVtJmwHcS%2Fbgiovd5%2B7NmZlpsnAVVVvNz0IkIb2e1L73Z1MQXVeB1qAMx793%2FfNoCsFMFfiZvegDId%2BPZClmn1jJzQKev%2FAOJmD7SlaAYoqPDziXUF%2BspgJhupoW2%2FkFWJxzLvQ%3D%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 62e795a1fc1dd6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c49bd9370000d6b9de23d000000001

GET
H2 200 secure.eef94f94.jpg
checkout.thoravirilv12.com/img/ 17 KB
17 KB 99ms
99ms Image
image/jpeg 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkout.thoravirilv12.com/img/secure.eef94f94.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7ffebccb24759baee45a8753b6c13eaf259b61b0f4604de2f6a8bace441902

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:06 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16999
cf-request-id: 08c49bd9370000d6b9c80f1000000001
last-modified: Thu, 07 Jan 2021 15:07:42 GMT
server: cloudflare
etag: "4267-5b850cd2bf6f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yD1x2xpl7z%2BctsLRnCOv6WCqPEG6owQRrs5Rp9cOaoRV3kSAomkbO392chnLIr2dPXqH5%2BIR8%2Fd12N157Lw7Mb3tD%2FFw3D1Az80H8u5QFSxoX9NUXnFYLVsYcx0aZAyjo2V0Yep7oA%3D%3D"}]}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62e795a1fc1ed6b9-FRA

GET
H2 200 checkout.php Show response
checkout.thoravirilv12.com/tv/1frasco/ 2 KB
1023 B 402ms
402ms XHR
application/json 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.thoravirilv12.com/tv/1frasco/checkout.php
Requested by: Host: checkout.thoravirilv12.com
URL: https://checkout.thoravirilv12.com/js/chunk-vendors.6f4ca678.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 837dfb60d77d8ef3aefaa15d582829bdf9c646019a6e6e89292e06ae0c7e354b

Request headers

Accept: application/json, text/plain, */*
Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:06 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
cart: ec58c164-7e6f-4d6b-8689-4c902b534dbe
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c49bd92c0000d6b9d30a4000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6G8R0skKl2J41pcA%2F51MTB%2FnkQOVdp9GPkh%2FhhWkk5541WUYT%2Bti0Bw4hEZq3T4tj3oQoXexKap9vGDresRg2AK5ol1tDQVoMq%2BjotK5yX7uTHRgrR94eQADR3nfliw1jpGFDeVWig%3D%3D"}]}
content-type: application/json; charset=utf-8
access-control-expose-headers: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 62e795a1ebf7d6b9-FRA

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://checkout.thoravirilv12.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 89135
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 10 Mar 2022 19:52:31 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 138 KB
53 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DQY2DTM5N5

Requested by

Host: checkout.thoravirilv12.com
URL: https://checkout.thoravirilv12.com/js/chunk-vendors.6f4ca678.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c5608a318796fdc52b540f912566079a4878ae5dd7b858d921cc0285106c30a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54133
x-xss-protection: 0
expires: Thu, 11 Mar 2021 20:38:06 GMT

GET
H2 200 main_1_pote.png
checkout.thoravirilv12.com/tv/1frasco/ 294 KB
295 KB 137ms
137ms Image
image/png 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkout.thoravirilv12.com/tv/1frasco/main_1_pote.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03946acac194e8ca11499ddf90cc1137574ff6a1de9289cc4e71ef042d062d39

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:06 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 300978
cf-request-id: 08c49bdaf60000d6b9fc88e000000001
last-modified: Thu, 07 Jan 2021 15:08:00 GMT
server: cloudflare
etag: "497b2-5b850ce3f4c1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sbFNJkUQdahRkTBF9oVDAZvMKug5X9VbyFjnd%2F32PDXH%2FaVKGna%2BVd8CX7m8jw0dbTo1qaWf8BYw2ISpByd9A4KNxJ3Fw0gXAmJTqXgOUM12s%2Fslbwl8H6ZrL1BrVIHBUTeB6y390Q%3D%3D"}]}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62e795a4b86bd6b9-FRA

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
71 B 13ms
13ms Other
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DQY2DTM5N5&gtm=2oe330&_p=1035238118&sr=1600x1200&ul=en-us&cid=1987984477.1615495085&_s=1&dl=https%3A%2F%2Fcheckout.thoravirilv12.com%2F&dr=https%3A%2F%2Fthoravirilv12.com%2F&dt=Thoraviril%20V12&sid=1615495086&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQY2DTM5N5
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 20:38:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://checkout.thoravirilv12.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main_1_pote.png
checkout.thoravirilv12.com/tv/1frasco/ 294 KB
295 KB 12ms
12ms Image
image/png 2606:4700:3037::6815:2361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkout.thoravirilv12.com/tv/1frasco/main_1_pote.png
Requested by: Host: checkout.thoravirilv12.com
URL: https://checkout.thoravirilv12.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03946acac194e8ca11499ddf90cc1137574ff6a1de9289cc4e71ef042d062d39

Request headers

Referer: https://checkout.thoravirilv12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:38:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 300978
cf-request-id: 08c49bdc0f0000d6b9cdbcb000000001
last-modified: Thu, 07 Jan 2021 15:08:00 GMT
server: cloudflare
etag: "497b2-5b850ce3f4c1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=98RwPS6FXtGZojmLKnZuEM%2Fu7yN5lrvL%2FvuFLhpwsrJ73BPdS%2Bh6DnMJJJsORajdINC4yqznk13qnylyv0EkxjPiV%2BQaw3z6CW9eTOlxAQD%2FYG5GaNqoGv9Zu6aGUNuRnN7LwK%2FlaQ%3D%3D"}]}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62e795a67afdd6b9-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: portalsaude.meiahora.info
URL: https://portalsaude.meiahora.info/tools/tracker.php?aid=76082&pid=&tid=18628

Domain: a.mgid.com
URL: https://a.mgid.com/mgsensor.js?d=1615495085380

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/848465672343139?v=2.9.33&r=stable

Domain: tr.outbrain.com
URL: https://tr.outbrain.com/cachedClickId?marketerId=00fad06bbb0bf0bedfb8a418e69a19c147

Domain: tr.outbrain.com
URL: https://tr.outbrain.com/unifiedPixel?marketerId=00fad06bbb0bf0bedfb8a418e69a19c147&obApiVersion=1.1&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fthoravirilv12.com%2Fthv%2Fcheckout%2Fp1%2F&optOut=false&bust=04856926629563727

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-HK0HECW7JZ&gtm=2oe330&_p=1166244216&sr=1600x1200&ul=en-us&cid=1987984477.1615495085&dl=https%3A%2F%2Fthoravirilv12.com%2Fthv%2Fcheckout%2Fp1%2F&dt=&sid=1615495085&sct=1&seg=1&_s=1

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-HK0HECW7JZ&gtm=2oe330&_p=1270055838&sr=1600x1200&ul=en-us&cid=1987984477.1615495085&_s=2&dl=https%3A%2F%2Fthoravirilv12.com%2Fthv%2Fpixel%2Fcheckout%2F&dr=https%3A%2F%2Fthoravirilv12.com%2Fthv%2Fcheckout%2Fp1%2F&dt=&sid=1615495085&sct=1&seg=0&en=RAZA_CHECKOUT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thoravirilv12.com/	1970-01-20 10:16:07	Name: _ga Value: GA1.1.1987984477.1615495085
.thoravirilv12.com/	1970-01-20 10:16:07	Name: _ga_HK0HECW7JZ Value: GS1.1.1615495085.1.1.1615495085.60
.thoravirilv12.com/	1970-01-19 16:44:55	Name: _gat_gtag_UA_134148284_4 Value: 1
.thoravirilv12.com/	1970-01-19 16:46:21	Name: _gid Value: GA1.2.543565401.1615495085
.thoravirilv12.com/	1970-01-19 17:28:07	Name: __cfduid Value: d1201aabbb90c68cfed88a601960e451e1615495084

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
ajax.cloudflare.com
amplify.outbrain.com
analytics.google.com
cdn.jsdelivr.net
checkout.thoravirilv12.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
my.rtmark.net
p1.zemanta.com
portalsaude.meiahora.info
resources.blogblog.com
stats.g.doubleclick.net
tag.navdmp.com
themes.googleusercontent.com
thoravirilv12.com
topdanet3.blogspot.com
tr.outbrain.com
trends.revcontent.com
www.blogger.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
a.mgid.com
analytics.google.com
connect.facebook.net
portalsaude.meiahora.info
tr.outbrain.com
104.108.145.107
139.45.195.8
142.250.186.98
2600:1901:0:4e44::
2606:4700:3037::6815:2361
2606:4700::6810:a823
2606:4700::6810:ff3
2a00:1450:4001:800::2003
2a00:1450:4001:800::2009
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:400c:c1b::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:4a::621
2a04:4e42:4b::621
52.213.66.185
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03946acac194e8ca11499ddf90cc1137574ff6a1de9289cc4e71ef042d062d39
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
08e8886e305db1744d2c9f1439f28abc73bef383f7a14da5f6e45e3f9e905cd0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1236c076d292caf1d10f5a18f5c7ea1639596f72b82c4396460c2cd5c8922c11
15527279240d72d3229ecbebe67d830620c4b757db114c3e1fb4b11699145ae5
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
26414913ee93000d21a9504bffb739844b08c1a99549634969b85b8edc9d665d
2c5608a318796fdc52b540f912566079a4878ae5dd7b858d921cc0285106c30a
2d3ea95b56472d03178b0ac829ca7434a22490dbd651e546c1fe6d7e3f826692
318123da89455dc6f1767aff15aebb803d29a190fff7b17941fd4afbc07b9bfd
3292d4d79f3485f1a6f24423485a23c3a362d0b2faf83d64c7ffd107a0215f7e
3b68bfef6a47beecaa079bc2f4d0e3206612b61c1b8a4cad9e2d6f2a48553c30
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f538f8dfb4c770a8ab71f47eee3ec5f4441e99e67ecdae65e5086dbf3437b7b
425f933992675b59777e6ffa75cabbf0a5f65f0f4dc707fdc99af729881b5e81
45228ea914f36541f0614b0fb14da369783a1823c4c09da4fe2d72610f2d0228
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4b3c12fec8862bd6062f3a9656f973da9efeb023327a72d5488aa78fc40014a8
4e87591a71ef02562c2b2f0a71dda94ae22f2b38200ed2c3312a292dee4b13cc
55ae73c00f1bc9e476f0ce687b3ee029bcb94529b542f0ee0a6d8a2242639e8d
5befcf8157923690acf161db9d9f1a2f095020b98ea3e341eb432454796fd53d
5ef143e017b511a33dc3a75a7f6a45d1b957ae91865b826146accfcea27bdff6
65f90889081bbc6072c000289006ae8eec0cfd8f6971b1fb216edcf02cca68c0
67f4b2a6545467682314e86be5cdfc4b6474d193a3f7e1f005ff21c7213f850f
6e32cc4b11cbcc6b484a54bd09788323e81ae026c97633c3830183f3d52498a2
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
76486ef2e00b29afb457ed916351c145fa6fbf5895621010f79fea859d357977
7d124636b0c77bb0bb16d89822e45902d14485af50d2f0043c3d75c9c42e7691
82212abf37b138d899229f2bf8892d2fb18d3b5809daeae63a1469e694baa775
837dfb60d77d8ef3aefaa15d582829bdf9c646019a6e6e89292e06ae0c7e354b
83b5ce33a06489d5de5cb3e68bf2918226c8b3d6c90f359e151ee5c3c6486c5d
8c2161610f797d0f0d1f1b8c3a751f37bf87bafd077a827f10f57fd15c8057bd
95cfd71f9a1f739ef638158ff42c689960fc00974d0ac330236277f5e7e36c8e
9917891c4b12e1e59ef7f0482d75dd66ddb12c8dd875b238c25f4b562b1111eb
9b9c9c2d93395ec8f6a7e8220ace8030af3cd8ce73ec9b67f57e4712b54432cb
a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d
a29f5a1dbf08c8d0e63ab98f97aa44fe7c5e24c1ebfd1db5bcfdb51bb7e8380c
aa7dc0fa6f86c52c416e2245b854d9f66383c52986ae1dbca28bde2828fe5590
acde74766da3402f9e038db3adf5528eb92357df36af596d4f891a0074bb57be
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b0b696373438c4c6181437e88b8cd09784af9b05dc9bd9f0b99d5ada3ccf6e9a
b2ea6be3c1cd9cb33672e86e2a104f300c820b6cbd9342f0a3ae22d52aec1363
b3e78631f12087bcfffacd112061e2b059d7a07cc5d504fa9a9c8db66e81e63b
b4664af379943818097a6ae4ed6a8e89ab11b99c142d1ff2acec821287033e5d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b8d577b63fd5edcd4f588f2ee5757eaf63605a99d87b810417f4854db8b418d6
bd7ffebccb24759baee45a8753b6c13eaf259b61b0f4604de2f6a8bace441902
c003faffaa51f583ea10f541a0b3a6ebb0a564da6c1635bcf61ad8ba643c3025
c57a43fd56028807f0131efdf2409916692fb8189dd61eb95a818fbdabb9d86b
c9f12dbc8b7c1dcabfc343fde65615a282b441ac9aa9600ad6a9008deb315118
ca1524469c8412c2b8a4f9e013a22febed098ccc5a0a39735d50fd7ba3072c4a
ca415049160801481bc6f6edd9335236def58d1b71d93dd6ec63c991926cfc1c
d64ff2267b04d541d1cdaf2686b02f22e9a368f0c63de3c1daf698789392f404
da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490
df1f710f7b9c8b57c2688137678db8afe56c8fe85c99ef2eca9dcd5069d1b6c8
dfd9739abe3afecea95d7215cdfab051efcb1abca9b2a61b57d125c4ddbca241
e13c98f90243b4bcdc23cdf190d512cde3e7e76bffb0d322243ef91037532a94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d6e7b623e899c30f60a5e487234681a2f1e9a6460dbac661dc335a4aa55936
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d16054300d92de947ab6583ea4e8cd36b612fd22b23d54d067083ca88d7d0b
f36eff55d3618a2d0c8ebe4ca5656b0d7e233f7ee8fbeba027fd6ce24d5cefb2
f43cf58f01255b3aab0ac2e53579a11f3a6221d4f6be022af4f739319a072d89
f55f0da7dfca204cd3e127b7927e3bbf350586c3f0445dcb7e3d934156b8853c
f82c5904c7e5d41746a5fb635db74b1d666dc1253479deffa6e6fbdcb26d1486

checkout.thoravirilv12.com Open in urlscan Pro 2606:4700:3037::6815:2361 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

94 %HTTPS

85 %IPv6

24 Domains

29 Subdomains

28 IPs

5 Countries

2452 kBTransfer

5464 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

checkout.thoravirilv12.com Open in urlscan Pro
2606:4700:3037::6815:2361 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

94 %
HTTPS

85 %
IPv6

24
Domains

29
Subdomains

28
IPs

5
Countries

2452 kB
Transfer

5464 kB
Size

5
Cookies

117 HTTP transactions
0 data transactions