k8ccwwesx.live Open in urlscan Pro
2606:4700:3035::6815:2914 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://k8ccwwesx.live/
Effective URL:
https://k8ccwwesx.live/indexasad.php
Submission: On May 03 via api (May 3rd 2023, 5:50:15 pm UTC) from US — Scanned from DE

Summary HTTP 114 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 26 domains to perform 114 HTTP transactions. The main IP is 2606:4700:3035::6815:2914, located in United States and belongs to CLOUDFLARENET, US. The main domain is k8ccwwesx.live.
TLS certificate: Issued by E1 on May 3rd 2023. Valid for: 3 months.

This is the only time k8ccwwesx.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	2606:4700:303... 2606:4700:3035::6815:2914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	123.30.242.10 123.30.242.10	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
9	2405:f980::1:13 2405:f980::1:13	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
8	2405:f980::1:10 2405:f980::1:10	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
1	14.225.10.21 14.225.10.21	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
8	123.30.151.70 123.30.151.70	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	123.30.242.13 123.30.242.13	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	123.30.151.81 123.30.151.81	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:99b7:871:83ab:7df8	16509 (AMAZON-02) (AMAZON-02)
2 3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
114	31

4 2606:4700:3035::6815:2914 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

k8ccwwesx.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 123.30.242.10 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

gamek.mediacdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vccorp.mediacdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2405:f980::1:13 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

media1.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.contineljs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2405:f980::1:10 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

static.amcdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
deqik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amcdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg.nanda.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.philacct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 14.225.10.21 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: static.vnpt.vn

adminplayer.sohatv.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 123.30.151.70 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

lg1.logging.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.242.13 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

adi.admicro.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.151.81 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

fgp.philacct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:99b7:871:83ab:7df8 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	mediacdn.vn gamek.mediacdn.vn — Cisco Umbrella Rank: 698532 vccorp.mediacdn.vn — Cisco Umbrella Rank: 336233	1 MB
17	admicro.vn media1.admicro.vn — Cisco Umbrella Rank: 49476 lg1.logging.admicro.vn — Cisco Umbrella Rank: 40623 adi.admicro.vn — Cisco Umbrella Rank: 66376	172 KB
11	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 74 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	50 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	189 KB
5	amcdn.vn static.amcdn.vn — Cisco Umbrella Rank: 58906 amcdn.vn — Cisco Umbrella Rank: 37509	17 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	1018 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 150	222 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	248 KB
4	k8ccwwesx.live 2 redirects k8ccwwesx.live	13 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 753	823 B
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 428 ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6386 adservice.google.de — Cisco Umbrella Rank: 9108	1 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	95 B
2	gstatic.com www.gstatic.com fonts.gstatic.com	43 KB
2	philacct.com static.philacct.com — Cisco Umbrella Rank: 103049 fgp.philacct.com — Cisco Umbrella Rank: 66453	15 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5918	554 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	265 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2707	104 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	49 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 945	606 B
1	nanda.vn lg.nanda.vn — Cisco Umbrella Rank: 66583	464 B
1	contineljs.com static.contineljs.com — Cisco Umbrella Rank: 54759	4 KB
1	deqik.com deqik.com — Cisco Umbrella Rank: 79119	13 KB
1	sohatv.vn adminplayer.sohatv.vn — Cisco Umbrella Rank: 57630	10 KB
114	26

	Domain	Requested by
33	gamek.mediacdn.vn	k8ccwwesx.live gamek.mediacdn.vn
8	lg1.logging.admicro.vn	k8ccwwesx.live media1.admicro.vn
8	media1.admicro.vn	k8ccwwesx.live media1.admicro.vn
6	cm.g.doubleclick.net	1 redirects k8ccwwesx.live googleads.g.doubleclick.net
5	tpc.googlesyndication.com	googleads.g.doubleclick.net
5	pagead2.googlesyndication.com	media1.admicro.vn pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
4	connect.facebook.net	k8ccwwesx.live connect.facebook.net deqik.com
4	www.googletagmanager.com	k8ccwwesx.live deqik.com www.googletagmanager.com
4	k8ccwwesx.live	2 redirects k8ccwwesx.live
3	onetag-sys.com	2 redirects k8ccwwesx.live
3	www.google.com	k8ccwwesx.live googleads.g.doubleclick.net
3	stats.g.doubleclick.net	deqik.com www.google-analytics.com k8ccwwesx.live
3	www.google-analytics.com	deqik.com www.google-analytics.com
3	www.facebook.com	connect.facebook.net k8ccwwesx.live
3	amcdn.vn	k8ccwwesx.live
2	ups.analytics.yahoo.com	2 redirects
2	www.google.de	k8ccwwesx.live
2	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
2	static.amcdn.vn	k8ccwwesx.live lg1.logging.admicro.vn
1	fonts.gstatic.com	fonts.googleapis.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	fgp.philacct.com	k8ccwwesx.live
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.philacct.com	media1.admicro.vn
1	region1.google-analytics.com	www.googletagmanager.com
1	adi.admicro.vn	media1.admicro.vn
1	lg.nanda.vn	k8ccwwesx.live
1	static.contineljs.com	media1.admicro.vn
1	deqik.com	k8ccwwesx.live
1	adminplayer.sohatv.vn	k8ccwwesx.live
1	vccorp.mediacdn.vn	k8ccwwesx.live
114	39

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
hoso.gamek.vn
kto.vnggames.com
loe.vigo.vn
cuumong.vplay.vn
tranma.onelink.me
bit.ly
nhatmong.zing.vn
www.vccorp.vn
www.messenger.com

Subject Issuer	Validity	Valid
k8ccwwesx.live E1	`2023-05-03` - `2023-08-01`	3 months	crt.sh
*.mediacdn.vn Sectigo RSA Domain Validation Secure Server CA	`2022-07-02` - `2023-06-15`	a year	crt.sh
*.admicro.vn Sectigo RSA Domain Validation Secure Server CA	`2022-10-21` - `2023-11-21`	a year	crt.sh
*.amcdn.vn Sectigo RSA Domain Validation Secure Server CA	`2022-12-30` - `2023-12-08`	a year	crt.sh
*.sohatv.vn Sectigo RSA Domain Validation Secure Server CA	`2022-10-03` - `2023-11-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
deqik.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-28` - `2023-06-28`	a year	crt.sh
*.logging.admicro.vn Sectigo RSA Domain Validation Secure Server CA	`2022-06-17` - `2023-07-18`	a year	crt.sh
*.contineljs.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-14` - `2023-09-23`	a year	crt.sh
*.nanda.vn Sectigo RSA Domain Validation Secure Server CA	`2022-05-28` - `2023-06-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-10` - `2023-05-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.philacct.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-14` - `2023-09-23`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://k8ccwwesx.live/indexasad.php
Frame ID: FE4D581509E8D3CE35E9DF93C6948021
Requests: 83 HTTP requests in this frame

Frame: https://lg1.logging.admicro.vn/_tracking1.gif?dg=011f91d6e616b0c6fbea96bbd6c36e31&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=k8ccwwesx.live&cat=%2Ftag%2Ftay-du-ky-online%2F&g=0&i=s%3B1683136206268%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B011f91d6e616b0c6fbea96bbd6c36e31%3B011f91d6e616b0c6fbea96bbd6c36e31%3B%3B-1683136202485%3B0%3B0%3B1549%3B1%3B512%3B-1683136202485%3B-1683136202485&rdm=0.7487699230597582&p=%2Findexasad.php&r=&dg=011f91d6e616b0c6fbea96bbd6c36e31&ce=1&lc=&cr=&ui=
Frame ID: 3959D1A0210423CFBB0E58ADA247CDD4
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8091C1A59DD49700AD81E607B2C9B737
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5894AB1BB8222EBC2D83E93C63CBD9FB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=90&slotname=6721968282&adk=3456145410&adf=3471351516&pi=t.ma~as.6721968282&w=728&lmt=1683136208&url=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136208477&bpp=14&bdt=157&idt=242&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&correlator=4648808784395&frm=23&ife=1&pv=2&ga_vid=282619305.1683136207&ga_sid=1683136208&ga_hid=1995751642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=160&biw=1600&bih=1200&isw=728&ish=90&ifk=4212140677&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44773810%2C31074265%2C44788442%2C44789761%2C44789924&oid=2&pvsid=3315098251140618&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.abbhwizagmhi&fsb=1&dtd=260
Frame ID: 4BB8F7276477C77759D7358EA8A4A156
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FA562E4D59DDA67A5B4C441BBE4259ED
Requests: 9 HTTP requests in this frame

Frame: https://fgp.philacct.com/genuuidpc
Frame ID: 397A81C004DE89B42B45A8FECB3DFA22
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js
Frame ID: 9DEDF38CE17AEC26D2C88ACEFACB291F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tây Du Ký Online

Page URL History Show full URLs

http://k8ccwwesx.live/ HTTP 301
https://k8ccwwesx.live/ HTTP 301
https://k8ccwwesx.live/indexasad.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

114
Requests

96 %
HTTPS

70 %
IPv6

26
Domains

39
Subdomains

31
IPs

7
Countries

2126 kB
Transfer

4706 kB
Size

34
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/gamek.vn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCBEwTpFOP44fyi_7PbFYgXg

Search URL Search Domain Scan URL

URL: https://hoso.gamek.vn/?theloai=4543
Title: MMORPG

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TayDuKyOfficial

Search URL Search Domain Scan URL

URL: https://kto.vnggames.com/alpha-test-1
Title: Kiếm Thế Origin

Search URL Search Domain Scan URL

URL: http://loe.vigo.vn/
Title: Chiến Binh Định Mệnh

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tanomg3q.zing.vn/?ref=page_internal
Title: Tân OMG3Q VNG

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lucdialorenadnxmobile
Title: Lục Địa Loren - ADNX

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dragonhunters.vn/?brand_redir=100538892569633
Title: Dragon Hunters: Heroes Legend

Search URL Search Domain Scan URL

URL: https://www.facebook.com/auditionxperfect/
Title: Audition X

Search URL Search Domain Scan URL

URL: https://cuumong.vplay.vn/
Title: Cửu Mộng Tiên Vực

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tkn.gamate.vn
Title: Tân Kỷ Nguyên

Search URL Search Domain Scan URL

URL: https://tranma.onelink.me/r92N/gamehot
Title: Trấn Ma AFK

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ThanhVanKiemVGP
Title: Thanh Vân Kiếm 3D

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thanvuongfuntap
Title: Thần Vương Chi Mộng

Search URL Search Domain Scan URL

URL: https://bit.ly/32MmxKT
Title: Viễn Chinh Mobile

Search URL Search Domain Scan URL

URL: https://bit.ly/3G7wnG7
Title: Tuyệt Thế Vô Song Mobile

Search URL Search Domain Scan URL

URL: https://nhatmong.zing.vn/
Title: Nhất Mộng Giang Hồ VNG

Search URL Search Domain Scan URL

URL: https://www.facebook.com/trials.official/
Title: Trials Fusion

Search URL Search Domain Scan URL

URL: http://www.vccorp.vn/

Search URL Search Domain Scan URL

URL: https://www.messenger.com/t/152595292913
Title: Chat với tư vấn viên

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://k8ccwwesx.live/ HTTP 301
https://k8ccwwesx.live/ HTTP 301
https://k8ccwwesx.live/indexasad.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKnYsFfo4J3oPdOtWWNwTyE&google_cver=1&google_push=ATf1kGORrK5yLWtdOyHzXzec7tfJqBPXau_Rqis_qbAV8FIZL5h-ek4DEdLyeVOvQgrRUUz9WALl8XSfXILNNR2R0R4T_VCNLjey HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H5Cvb1vtSkKJqtD3KfN7iQ2&google_push=ATf1kGORrK5yLWtdOyHzXzec7tfJqBPXau_Rqis_qbAV8FIZL5h-ek4DEdLyeVOvQgrRUUz9WALl8XSfXILNNR2R0R4T_VCNLjey

Request Chain 109

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJHmr_lrBXrP46V8rqguTqA&google_cver=1&google_push=ATf1kGP7s8Be3YiETzhWMs-yBNAOjQ0KupMfA6uAfDSlboOZtWsa3ZUrzua15NIEGBHTXMgVkSl0FVXsnZ6RW9iddfg-fVhCGbLF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP7s8Be3YiETzhWMs-yBNAOjQ0KupMfA6uAfDSlboOZtWsa3ZUrzua15NIEGBHTXMgVkSl0FVXsnZ6RW9iddfg-fVhCGbLF&google_hm=eS1vZHEzRGJ4RTJwR213Y2sxLnZjUGMzclBRLlBQUURxdn5B

Request Chain 110

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKG3AL9XUEQgCcUuseYBmIo&google_cver=1&google_push=ATf1kGPcgmOXBSUhl3YMABzUbVFmmsJroqnx9W06SjG0PLAMF4Cz7dYWSgkGYzwAbeaaj7Yk31G58yp79Ns6mAvlqdJMRFOzk80 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPcgmOXBSUhl3YMABzUbVFmmsJroqnx9W06SjG0PLAMF4Cz7dYWSgkGYzwAbeaaj7Yk31G58yp79Ns6mAvlqdJMRFOzk80

Request Chain 111

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBkz9ByiPeHYcsFz-9ks8Ac&google_cver=1&google_push=ATf1kGOGi907_UfMve8hsAygJVYA8pPUYCn_70gjapol3qcuuuR073s7lEABSe9mUNXa_ng4arpwJX2f-dZjKiG-T-xWhNLNyvhn HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBkz9ByiPeHYcsFz-9ks8Ac&google_cver=1&google_push=ATf1kGOGi907_UfMve8hsAygJVYA8pPUYCn_70gjapol3qcuuuR073s7lEABSe9mUNXa_ng4arpwJX2f-dZjKiG-T-xWhNLNyvhn&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Pa3ZoTE1CRTJ1SEVqZ1RUVDZfN290TG5LZU5RTEVPSn5B&google_push=ATf1kGOGi907_UfMve8hsAygJVYA8pPUYCn_70gjapol3qcuuuR073s7lEABSe9mUNXa_ng4arpwJX2f-dZjKiG-T-xWhNLNyvhn

Request Chain 112

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKG3AL9XUEQgCcUuseYBmIo&google_cver=1&google_push=ATf1kGMK-Hk4pCdXAJ6ERD8REvSZew_J4wSIPWp7F-t3oJ04S9XSHDIZKaOfKz6524BZNFZ8dYl77qFYv5xvOGIvs6nmk5U2aG9upg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMK-Hk4pCdXAJ6ERD8REvSZew_J4wSIPWp7F-t3oJ04S9XSHDIZKaOfKz6524BZNFZ8dYl77qFYv5xvOGIvs6nmk5U2aG9upg HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

114 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request indexasad.php Show response
k8ccwwesx.live/
Redirect Chain

http://k8ccwwesx.live/
https://k8ccwwesx.live/
https://k8ccwwesx.live/indexasad.php

30 KB
10 KB

1549ms
1548ms

Document
text/html

2606:4700:3035::6815:2914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70338fa46fe3c9c2114edc2c29933809bf57e8234fc900e9d23a56ac5be38042

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c1a5814be65901e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 May 2023 17:50:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUJESoMGrzqH2lPBrgnFG6d6fBEDYK0beTQnlPUpBpacKmuakI22uriV24cd9jjNH4wtNoa%2BAvTIj%2Bzy1Y0%2FPTEwKVPGYlutHwciNGKVWxNZvIcIJvCusC5702ZzVt5Lx1oU4Mb6idSaWxcjpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7c1a5812bc24901e-FRA
content-type: text/html; charset=UTF-8
date: Wed, 03 May 2023 17:50:02 GMT
location: https://k8ccwwesx.live/indexasad.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSXVMBQDWsP7gijSmch7di5hE3eVuswX0RA4ByLFk7hgp6lyAaGNe5DsUMWfmhyQAs%2BmdQajXvfihxdKh6ia6c2EuZheCgBY3OZzanAXz19l65wAo0Ya1O%2FgqVVlE84%2FdapbXsEZZjqgAiQCpA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 main-30012023v1.min.css
gamek.mediacdn.vn/web_css/ 156 KB
40 KB 890ms
440ms Stylesheet
text/css 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.bdd8a4c07819177d8cbb702d02d9166d /

Resource Hash

b9d5f3f6f18ec7d8d11e99e4d5296910252a92317fcc7526d6838dbee524792d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 04:56:56 GMT
server: VCCloud CDN / 246.bdd8a4c07819177d8cbb702d02d9166d
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
xcache-created-at: Thursday, 23-Mar-2023 11:57:18 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 adm_tracking.js Show response
media1.admicro.vn/core/ 26 KB
8 KB 1155ms
301ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/adm_tracking.js?v=1
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17068 /
Resource Hash: 6e34e8696d51c15b5f0e261c0633ac2fb615ed51ac4795844e72b2a58fa12dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 09:41:58 GMT
server: ss1/17068
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:06 GMT

GET
H2 200 cdn.js Show response
static.amcdn.vn/tka/ 26 KB
7 KB 894ms
293ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.amcdn.vn/tka/cdn.js
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17206 /
Resource Hash: 6a2959b48940ae172de360c0635dac0f6f8e57201b148c4828c5e84385a9a04f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 03:18:21 GMT
server: ss1/17206
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:06 GMT

GET
H2 200 home2424.png
gamek.mediacdn.vn/web_images/ 208 B
318 B 229ms
223ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/web_images/home2424.png

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.80a49ac4147abbc2b16e19ccd0bf5fc1 /

Resource Hash

51492c14a0556272b9fe301830cfcdddb14c1c498557f2d24b2e31e826be7512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 11:05:34 GMT
server: VCCloud CDN / 246.80a49ac4147abbc2b16e19ccd0bf5fc1
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 208
x-xss-protection: 1; mode=block

GET
H2 200 jquery.swiper.min.7.2.0.css
gamek.mediacdn.vn/web_css/ 15 KB
5 KB 219ms
219ms Stylesheet
text/css 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_css/jquery.swiper.min.7.2.0.css

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.b534bbb0462f11fa7fc11990137fa395 /

Resource Hash

f2a3140679d704bd07329d0768adc05ac21751dd5c558d3b9971ac504b48e79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Nov 2022 02:48:40 GMT
server: VCCloud CDN / 246.b534bbb0462f11fa7fc11990137fa395
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
xcache-created-at: Wednesday, 01-Mar-2023 13:35:21 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 jquery.fancybox-1.3.4.css
gamek.mediacdn.vn/web_css/ 9 KB
2 KB 223ms
218ms Stylesheet
text/css 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_css/jquery.fancybox-1.3.4.css

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.c44eb772788caa2442320d483f587c9b /

Resource Hash

b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Nov 2022 02:51:29 GMT
server: VCCloud CDN / 246.c44eb772788caa2442320d483f587c9b
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
xcache-created-at: Thursday, 01-Dec-2022 09:54:12 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 tdk2-16112192212331729645322.jpg
gamek.mediacdn.vn/133514250583805952/2021/1/21/ 83 KB
84 KB 285ms
279ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/133514250583805952/2021/1/21/tdk2-16112192212331729645322.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.288977b71cb192ca19b7352b5da0812d /

Resource Hash

fe5ed840f07c9503864865d42bca6edc9c34d420aad23b91d864210163124a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Apr 2023 11:16:57 GMT
server: VCCloud CDN / 246.288977b71cb192ca19b7352b5da0812d
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 11:05:09 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 85398
x-xss-protection: 1; mode=block

GET
H2 200 tdk1-1611219221200522203487.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/1/21/ 5 KB
5 KB 518ms
512ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/1/21/tdk1-1611219221200522203487.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.51de336b758ea9e67a5ca49cc18da754 /

Resource Hash

ba9ddb1d991a2e4a6f444b5b5945847d53d62c4bb5262d85f5161b0e1fe9e37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Jun 2022 08:29:00 GMT
server: VCCloud CDN / 246.51de336b758ea9e67a5ca49cc18da754
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 15:21:15 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 5170
x-xss-protection: 1; mode=block

GET
H2 200 Mot_buoi_hop_mat_than_mat_giua_game_thu_Tay_Du_Ky_va_dai_dien_NPH-7b174.JPG
gamek.mediacdn.vn/zoom/450_270/DlBlzccccccccccccE5CT3hqq3xN9o/Image/2013/12/QAnh-4/ 172 KB
172 KB 518ms
512ms Image
image/jpeg 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/450_270/DlBlzccccccccccccE5CT3hqq3xN9o/Image/2013/12/QAnh-4/Mot_buoi_hop_mat_than_mat_giua_game_thu_Tay_Du_Ky_va_dai_dien_NPH-7b174.JPG

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.ab9f276003dab0aaa377c5014d8938f9 /

Resource Hash

afc4a1c86ef38afcfdfcdee55c3e157051f7aabdb86d306e12628d2a4e599993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Jun 2022 08:29:00 GMT
server: VCCloud CDN / 246.ab9f276003dab0aaa377c5014d8938f9
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 15:14:45 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 175802
x-xss-protection: 1; mode=block

GET
H2 200 Mot_noi_tap_hop_cac_cao_thu_moi_hung_huc_khi_the_trong_Tay_Du_Ky-5f40b.jpg
gamek.mediacdn.vn/zoom/450_270/DlBlzccccccccccccE5CT3hqq3xN9o/Image/2013/12/QAnh2/ 66 KB
66 KB 518ms
513ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/450_270/DlBlzccccccccccccE5CT3hqq3xN9o/Image/2013/12/QAnh2/Mot_noi_tap_hop_cac_cao_thu_moi_hung_huc_khi_the_trong_Tay_Du_Ky-5f40b.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.7bc53426b3c4da9acdae7729d79d9901 /

Resource Hash

1c5684c1ddf04d63fab4630ca65f3a7b294bf64e9071d21a75f163845e69f6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Mar 2023 18:53:15 GMT
server: VCCloud CDN / 246.7bc53426b3c4da9acdae7729d79d9901
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 15:21:17 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 67482
x-xss-protection: 1; mode=block

GET
H2 200 Tay_Du_Ky_tang_game_thu_suc_manh_cua_Sam_Than_Thor-c7940.jpg
gamek.mediacdn.vn/zoom/450_270/DlBlzccccccccccccE5CT3hqq3xN9o/Image/2013/12/QAnh2/ 74 KB
74 KB 518ms
513ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/450_270/DlBlzccccccccccccE5CT3hqq3xN9o/Image/2013/12/QAnh2/Tay_Du_Ky_tang_game_thu_suc_manh_cua_Sam_Than_Thor-c7940.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.107f6a15a5331436f18ebde45b9f5ba7 /

Resource Hash

679c248cd0e2f23ec4458100f283c750de53a1679ccd46e2e379c8d939c9016c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Mar 2023 12:39:15 GMT
server: VCCloud CDN / 246.107f6a15a5331436f18ebde45b9f5ba7
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 15:21:17 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 75400
x-xss-protection: 1; mode=block

GET
H2 200 cac-nhan-vat-xep-hang-nhan-chien-vu-tai-may-chu-Loi-Dinh-Than-Tuong-be4d8.JPG
gamek.mediacdn.vn/zoom/450_270/DlBlzccccccccccccE5CT3hqq3xN9o/Image/2013/11/QAnh/ 59 KB
59 KB 518ms
513ms Image
image/jpeg 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/450_270/DlBlzccccccccccccE5CT3hqq3xN9o/Image/2013/11/QAnh/cac-nhan-vat-xep-hang-nhan-chien-vu-tai-may-chu-Loi-Dinh-Than-Tuong-be4d8.JPG

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.13bed028488b8c39b2b336e84ac8123a /

Resource Hash

55bc4c5878061f1b1d0a068ecb1602b91c1e80f0611c8c7ad3b18bb802299070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Sat, 15 Apr 2023 13:46:24 GMT
server: VCCloud CDN / 246.13bed028488b8c39b2b336e84ac8123a
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 15:14:47 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 60096
x-xss-protection: 1; mode=block

GET
H2 200 31922006515466193991170113589026069338348019n-16710954880061514679125.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/12/15/ 15 KB
15 KB 517ms
512ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/12/15/31922006515466193991170113589026069338348019n-16710954880061514679125.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.e9e0992ee77e2d8c953858ece483e92e /

Resource Hash

f3f80e61346d7e6b9b88a36f1626eca327d5e2001280cd43149fcc33fa69fba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Dec 2022 09:04:56 GMT
server: VCCloud CDN / 246.e9e0992ee77e2d8c953858ece483e92e
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Friday, 28-Apr-2023 15:16:28 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 15722
x-xss-protection: 1; mode=block

GET
H2 200 ava-91d59.jpg
gamek.mediacdn.vn/zoom/185_185/gzsOnkcdQ4Dg5q1e4Ckccccccccc/Image/2014/05/QAnh1/ 17 KB
17 KB 614ms
609ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/gzsOnkcdQ4Dg5q1e4Ckccccccccc/Image/2014/05/QAnh1/ava-91d59.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.8a10156ee0a6550a5491bb31041e5401 /

Resource Hash

1ad374aca46cf36577a3379c638423d3121b11376701c99611405161ed925981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Nov 2022 00:55:39 GMT
server: VCCloud CDN / 246.8a10156ee0a6550a5491bb31041e5401
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Saturday, 08-Apr-2023 22:06:23 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 16972
x-xss-protection: 1; mode=block

GET
H2 200 1621954611452048941684858485915712025524945o-16167568882801599917319.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/3/26/ 12 KB
12 KB 614ms
610ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/3/26/1621954611452048941684858485915712025524945o-16167568882801599917319.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.0ba76080c099036478ada7005bca9737 /

Resource Hash

312bd7af902cbadf6ddd14db6719e0cc595d364d6c93653ea007c6415224276a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 15:26:46 GMT
server: VCCloud CDN / 246.0ba76080c099036478ada7005bca9737
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Friday, 28-Apr-2023 15:16:28 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 11996
x-xss-protection: 1; mode=block

GET
H2 200 28466607624175949650493141015766180211981170n-16551770124322037779274.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/6/14/ 12 KB
12 KB 615ms
610ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/6/14/28466607624175949650493141015766180211981170n-16551770124322037779274.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.4046d8454711ec10ab07c676133f8dee /

Resource Hash

ffb4b4818815b4a60d06ba867cfb18069d85f5743509f17c13d5cb8d437e7be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 03:20:13 GMT
server: VCCloud CDN / 246.4046d8454711ec10ab07c676133f8dee
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 09:06:53 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 12066
x-xss-protection: 1; mode=block

GET
H2 200 photo2022-04-0813-36-16-1649403520257976311331.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/4/8/ 16 KB
16 KB 615ms
610ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/4/8/photo2022-04-0813-36-16-1649403520257976311331.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.eb2565750e81b554dc0b9f496f187473 /

Resource Hash

185b0400b76da94d07d26fd06b2f31d3908650595fe5196f6f7e1acddbac53e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 02:59:45 GMT
server: VCCloud CDN / 246.eb2565750e81b554dc0b9f496f187473
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Friday, 28-Apr-2023 15:16:28 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 16736
x-xss-protection: 1; mode=block

GET
H2 200 827066741313149650164782968600413386833920o-15813219897102055096769.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2020/2/10/ 16 KB
16 KB 615ms
611ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2020/2/10/827066741313149650164782968600413386833920o-15813219897102055096769.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.54906a42d339bbef215e8fc272a74877 /

Resource Hash

106c896480d87ae62ce2ecd2a671ec849f7c2d43a49e008a2f812a8978cd8b4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Mar 2022 10:35:51 GMT
server: VCCloud CDN / 246.54906a42d339bbef215e8fc272a74877
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 22-Mar-2023 09:04:06 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 16694
x-xss-protection: 1; mode=block

GET
H2 200 2671001971164738575342461235637967784173882n-16461275731131041274760.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/3/1/ 11 KB
11 KB 615ms
611ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/3/1/2671001971164738575342461235637967784173882n-16461275731131041274760.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.266a38dd49c20b6d71b541da1aff0caf /

Resource Hash

afb133c87b954e77329aa7376df52104348a19d8eb30ecccb8570bd69265d467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Mar 2022 10:40:42 GMT
server: VCCloud CDN / 246.266a38dd49c20b6d71b541da1aff0caf
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Saturday, 29-Apr-2023 12:54:05 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 11412
x-xss-protection: 1; mode=block

GET
H2 200 27356753213732025877027611060072186290899n-16461286713791729361988.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/3/1/ 16 KB
16 KB 615ms
611ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/3/1/27356753213732025877027611060072186290899n-16461286713791729361988.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.79de2589a087a1f1f90c0e4f466fe6af /

Resource Hash

54b3ba3509da21554f72cac5a68716631997f3f0ebcbc62c55f17e8294c4b346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 12 Feb 2023 11:47:28 GMT
server: VCCloud CDN / 246.79de2589a087a1f1f90c0e4f466fe6af
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Saturday, 29-Apr-2023 12:54:05 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 16546
x-xss-protection: 1; mode=block

GET
H2 200 2735609101044448755015572274147577584933572n-16461285429342100479617.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/3/1/ 15 KB
15 KB 615ms
611ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/3/1/2735609101044448755015572274147577584933572n-16461285429342100479617.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.aef0430df1e670cb40ca2c2e003ac656 /

Resource Hash

bb37ce9c4b4917fa9fb4b0412a37771699b38d156b98215b13d26de3dfe75f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Mar 2022 03:24:42 GMT
server: VCCloud CDN / 246.aef0430df1e670cb40ca2c2e003ac656
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Friday, 28-Apr-2023 15:16:28 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 15694
x-xss-protection: 1; mode=block

GET
H2 200 2737007311025878690225584346576579656015919n-1646128350197818732753.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/3/1/ 15 KB
15 KB 615ms
611ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/3/1/2737007311025878690225584346576579656015919n-1646128350197818732753.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.f11f45f2ec404580fbb9f7094ac353a4 /

Resource Hash

835ddc3354ced95a191e577a804523613b09b03c4925ff442642b7e3ea442d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 13:24:10 GMT
server: VCCloud CDN / 246.f11f45f2ec404580fbb9f7094ac353a4
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Friday, 28-Apr-2023 15:16:28 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 14900
x-xss-protection: 1; mode=block

GET
H2 200 2720841601015784691012142367583949367222210n-1646127908129345968564.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/3/1/ 15 KB
15 KB 616ms
612ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2022/3/1/2720841601015784691012142367583949367222210n-1646127908129345968564.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.1031bc415e125adb7ffbde5b278db5ab /

Resource Hash

2473b3c91596758d0d127c3571019e5550503b2196ce737b53b0c3ffe8e9ec27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 13:55:23 GMT
server: VCCloud CDN / 246.1031bc415e125adb7ffbde5b278db5ab
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Friday, 28-Apr-2023 15:16:28 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 15210
x-xss-protection: 1; mode=block

GET
H2 200 icon-1638433858794381197976.png
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/12/2/ 46 KB
46 KB 616ms
612ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/12/2/icon-1638433858794381197976.png

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.ff6a1e1940094bd7ec53896bd97c4dde /

Resource Hash

028c81a32aad1469b222e89a8a8cfbfad2eaf00bd35507ba5c1424cb7e582cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 Apr 2023 03:06:37 GMT
server: VCCloud CDN / 246.ff6a1e1940094bd7ec53896bd97c4dde
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Saturday, 29-Apr-2023 12:54:05 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 47280
x-xss-protection: 1; mode=block

GET
H2 200 tuyet-the-vo-song-iconnew-1636342895808582543386.png
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/11/8/ 47 KB
48 KB 616ms
612ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/11/8/tuyet-the-vo-song-iconnew-1636342895808582543386.png

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.daeb6c7bbd8750353ee253f87b3a3df8 /

Resource Hash

242e5db71e533b96f66b03819432c6d8544dbb5318d584a85fc551d868b208d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Sat, 15 Apr 2023 03:02:48 GMT
server: VCCloud CDN / 246.daeb6c7bbd8750353ee253f87b3a3df8
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 09:06:53 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 48488
x-xss-protection: 1; mode=block

GET
H2 200 32daf2f872c4bb9ae2d5-1-16337983279462046521052.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/10/9/ 8 KB
8 KB 616ms
612ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/10/9/32daf2f872c4bb9ae2d5-1-16337983279462046521052.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.18df41c75691bbd8a7ff3ab8a73f22ac /

Resource Hash

4f57ec1c5c3d6a390a08e59a53bab1473c888304dffdeec357805b78d52013c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 08:21:53 GMT
server: VCCloud CDN / 246.18df41c75691bbd8a7ff3ab8a73f22ac
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Wednesday, 03-May-2023 09:06:53 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 8360
x-xss-protection: 1; mode=block

GET
H2 200 r-12437418-1535283411-2537jpeg-16311742905092102168322.jpg
gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/9/9/ 14 KB
14 KB 616ms
612ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/zoom/185_185/133514250583805952/2021/9/9/r-12437418-1535283411-2537jpeg-16311742905092102168322.jpg

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.fe9ee064c33b791e876bbaa4122fb8b8 /

Resource Hash

7571605de47e3db8fb44c70fce8006953f4a0dc9da5e977a4854a3e818aec509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 Mar 2023 03:54:38 GMT
server: VCCloud CDN / 246.fe9ee064c33b791e876bbaa4122fb8b8
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Saturday, 29-Apr-2023 12:54:05 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 13998
x-xss-protection: 1; mode=block

GET
H2 200 vccorp-s.png
vccorp.mediacdn.vn/ 8 KB
8 KB 616ms
608ms Image
image/png 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vccorp.mediacdn.vn/vccorp-s.png

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.6b9c25fdbf072bce870e138e6b958af4 /

Resource Hash

fa696f5f1aa34c6b3b3bd4dd87edcd587ac891fc2c03a68fe9b82f975241ebb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 246.6b9c25fdbf072bce870e138e6b958af4
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/png; charset=utf-8
xcache-created-at: Wednesday, 03-May-2023 18:10:52 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 7687
x-xss-protection: 1; mode=block

GET
H3 200 email-decode.min.js Show response
k8ccwwesx.live/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 16ms
11ms Script
application/javascript 2606:4700:3035::6815:2914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://k8ccwwesx.live/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/indexasad.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 25 Apr 2023 11:29:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6447b986-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwf6FUPHahfxtJx8btSykazwCUFr5hPcUVi3saBdiBGyf2FSHAIITFmf3yyzug%2FE5fku%2F%2B7YrU%2FUCCzmGp7%2FE3p12NBm3SOXu5RyPQwEEUw4iDC%2FonDHlySZ%2FVac8YLdvHUPNo1wBaTJyzy4Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c1a5827f9b792a5-FRA
expires: Fri, 05 May 2023 17:50:06 GMT

GET
H2 200 gamek-09092022v1.min.js Show response
gamek.mediacdn.vn/web_js/ 263 KB
97 KB 616ms
613ms Script
application/javascript 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_js/gamek-09092022v1.min.js

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.a261b85c812601a7b7c6b60485bb5afd /

Resource Hash

c8e1eebc02599c9896e78d721eb085cf848d4de35b795b0c704928230ac43d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 11:05:52 GMT
server: VCCloud CDN / 246.a261b85c812601a7b7c6b60485bb5afd
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
xcache-created-at: Friday, 24-Mar-2023 18:06:01 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 playerInitScript.js Show response
adminplayer.sohatv.vn/resource/init-script/ 25 KB
10 KB 689ms
224ms Script
application/javascript 14.225.10.21
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://adminplayer.sohatv.vn/resource/init-script/playerInitScript.js
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 14.225.10.21 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: static.vnpt.vn
Software: / X3-PLAYER
Resource Hash: 2cffcfaacd57b1261f9528bf5cf177907f5dbfc64d5f39796a8bb329e8d1a430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-response-time: 1.085ms
date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: gzip
x-powered-by: X3-PLAYER
etag: W/"64e6-AlsgVvW/MvfywaUw1cv7LgBWh9A"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
x-content-length: 25830
x-host-name: conadminplayer-04-46-56

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
41 KB 83ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZ4QL46

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

700e6729f70d67dad93abaa0dac3836bd4c1339daef3e185e0bb41481888ba7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41214
x-xss-protection: 0
last-modified: Wed, 03 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 May 2023 17:50:06 GMT

GET
H2 200 ATMJGB0YKY21R.js Show response
deqik.com/tag/corejs/ 42 KB
13 KB 1210ms
601ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/v1 /
Resource Hash: a263eac2ad4afa7f7c974e9676e0fb60bc735b450b57ce30f08bd37a575d5e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 06:58:29 GMT
server: aws/v1
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
content-length: 13154
expires: Wed, 03 May 2023 18:00:06 GMT

GET
H2 200 admcore.js Show response
media1.admicro.vn/core/ 156 KB
43 KB 487ms
484ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/admcore.js
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17068 /
Resource Hash: 5796dad7ea6e51f9ebcb34f34a0494c63afe5ebb32edf14e25987404e89640c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 08:28:02 GMT
server: ss1/17068
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:06 GMT

GET
H2 200 ftest
lg1.logging.admicro.vn/ 35 B
619 B 687ms
226ms Image
image/gif 123.30.151.70
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/ftest?url=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.70 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/87R454L0A1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:06 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/87R454L0A1
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ftest
amcdn.vn/ 35 B
458 B 1512ms
890ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amcdn.vn/ftest?url=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/a2392 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/a2392
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sprite20150608.png
gamek.mediacdn.vn/web_images/ 95 KB
96 KB 612ms
612ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/web_images/sprite20150608.png

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.054aafa980a3140729df7ee74be75a7b /

Resource Hash

750adbcdb929dc3e8a56318ce17088877980d77119e2bb8b5cdaac33a7098aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 17:59:09 GMT
server: VCCloud CDN / 246.054aafa980a3140729df7ee74be75a7b
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Thursday, 27-Apr-2023 13:00:00 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 97710
x-xss-protection: 1; mode=block

GET
H2 200 gamek_logo_30052022.svg
gamek.mediacdn.vn/web_images/ 11 KB
5 KB 612ms
612ms Image
image/svg+xml 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/web_images/gamek_logo_30052022.svg

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.8e800f3d3a7a5531d1ab970885e5ac19 /

Resource Hash

8455c1c2d1cfbcc4d91725ec2d6ff649c6479110951dac890fdf6bb9da74ba5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Dec 2022 08:31:49 GMT
server: VCCloud CDN / 246.8e800f3d3a7a5531d1ab970885e5ac19
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
xcache-created-at: Sunday, 01-Jan-2023 15:33:06 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 UTM_Bebas.woff2
gamek.mediacdn.vn/web_font/ 9 KB
10 KB 698ms
231ms Font
application/font-woff2 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_font/UTM_Bebas.woff2

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.84ad5ae1d76ab9aaa53b52d19701f66e /

Resource Hash

33c654bc9298696de6a89c1367f976c63c2648472ff6e7f1dc8447a7b096f466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css
Origin: https://k8ccwwesx.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Sat, 06 Aug 2022 11:03:16 GMT
server: VCCloud CDN / 246.84ad5ae1d76ab9aaa53b52d19701f66e
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 9272
x-xss-protection: 1; mode=block

GET
H2 200 ads_code_1.ads Show response
media1.admicro.vn/ads_codes/ 0
242 B 594ms
593ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/ads_codes/ads_code_1.ads
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/adm_tracking.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17205 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 04:47:24 GMT
server: ss1/17205
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
content-length: 23
expires: Wed, 03 May 2023 18:00:06 GMT

GET
H2 200 lgnews.js Show response
static.contineljs.com/core/ 11 KB
4 KB 893ms
294ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.contineljs.com/core/lgnews.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/adm_tracking.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17206 /
Resource Hash: 8de73b8c9c9d8b3359c9e50a046f1cc12277e3fbbe4f19c8d47434b2fdccebe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2023 08:41:29 GMT
server: ss1/17206
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:07 GMT

GET
H2 200 ftest
amcdn.vn/ 35 B
458 B 1304ms
878ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amcdn.vn/ftest?lsn=011f91d6e616b0c6fbea96bbd6c36e31&dg=011f91d6e616b0c6fbea96bbd6c36e31&ui=&url=http%3A%2F%2F1k8ccwwesx.live%2Findexasad.php&rd=0.723946452910065
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/a2393 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/a2393
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ftest
lg1.logging.admicro.vn/ 35 B
620 B 489ms
224ms Image
image/gif 123.30.151.70
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/ftest?lsn=011f91d6e616b0c6fbea96bbd6c36e31&dg=011f91d6e616b0c6fbea96bbd6c36e31&ui=&url=http%3A%2F%2F2k8ccwwesx.live%2Findexasad.php&rd=0.35585111961039817
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.70 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/11R376RNTC /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:06 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/11R376RNTC
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _tracking1.gif
lg1.logging.admicro.vn/ 35 B
715 B 491ms
227ms Image
image/gif 123.30.151.70
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/_tracking1.gif?dg=011f91d6e616b0c6fbea96bbd6c36e31&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=k8ccwwesx.live&cat=%2Ftag%2Ftay-du-ky-online%2F&g=0&i=v%3B1683136206268%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B011f91d6e616b0c6fbea96bbd6c36e31%3B011f91d6e616b0c6fbea96bbd6c36e31%3B%3B-1683136202485%3B0%3B0%3B1549%3B1%3B512%3B-1683136202485%3B-1683136202485&rdm=0.9769445800613277&p=%2Findexasad.php&r=&dg=011f91d6e616b0c6fbea96bbd6c36e31&ce=1&lc=&cr=&ui=

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.70 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

aws/v1/86R225L0A1 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:06 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/86R225L0A1
x-frame-options: allowall
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mapid
lg.nanda.vn/ 35 B
464 B 943ms
306ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg.nanda.vn/mapid?src=admicro&dguid=011f91d6e616b0c6fbea96bbd6c36e31&3guid=
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/n2555 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/n2555
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gamedownload.png
gamek.mediacdn.vn/web_images/ 3 KB
4 KB 382ms
381ms Image
image/webp 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamek.mediacdn.vn/web_images/gamedownload.png

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.b2c36efc33f78ea678e1b24b23190ce4 /

Resource Hash

40d9593cb1c8c513b1cfae9fdbb529cd7daf95081de56c4ec23d179a4e62b63e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamek.mediacdn.vn/web_css/main-30012023v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 23 Apr 2023 02:46:48 GMT
server: VCCloud CDN / 246.b2c36efc33f78ea678e1b24b23190ce4
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
xcache-created-at: Sunday, 23-Apr-2023 21:47:19 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 3518
x-xss-protection: 1; mode=block

GET
H2 200 admcoreext.js Show response
media1.admicro.vn/core/ 14 KB
5 KB 299ms
299ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/admcoreext.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17068 /
Resource Hash: 8c6dc32d121be2319e6605e1f583ef12a9d76a9d0d68ab1a6dd76049e35d87a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 09:02:41 GMT
server: ss1/17068
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:07 GMT

GET
H2 200 arf-57.min.js Show response
media1.admicro.vn/cms/ 89 KB
9 KB 300ms
300ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-57.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17206 /
Resource Hash: cf0cf3a4991aa017eea8141c9918da7f32a776fcf779f37cdd9505a3c50539d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 17:30:57 GMT
server: ss1/17206
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:07 GMT

GET
H2 200 genjs_ht26032019.js Show response
adi.admicro.vn/adt/cpc/tvcads/tracking/ 28 B
529 B 765ms
230ms Script
application/javascript 123.30.242.13
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://adi.admicro.vn/adt/cpc/tvcads/tracking/genjs_ht26032019.js?v=0.30081889638163073

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.bba3c74344ee9133b8b4fb07703f8545 /

Resource Hash

e8fab4708422172956dd7b3e03593b6158704e6c1a1cc8a5313e461c166afa5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: VCCloud CDN / 247.bba3c74344ee9133b8b4fb07703f8545
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript; charset=utf-8
xcache-created-at: Thursday, 04-May-2023 00:50:02 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 adm_tracking.js Show response
media1.admicro.vn/core/ 26 KB
8 KB 301ms
301ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/core/adm_tracking.js?id=1
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17077 /
Resource Hash: 6e34e8696d51c15b5f0e261c0633ac2fb615ed51ac4795844e72b2a58fa12dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 09:41:58 GMT
server: ss1/17077
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:07 GMT

GET
H2 200 cmd_track
amcdn.vn/ 35 B
239 B 613ms
610ms Image
image/gif 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amcdn.vn/cmd_track?lsn=011f91d6e616b0c6fbea96bbd6c36e31&dg=011f91d6e616b0c6fbea96bbd6c36e31&ui=&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=k8ccwwesx.live&p=%2Findexasad.php&r=&cat=%2Ftag%2Ftay-du-ky-online%2F&vp=1600x1200
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: aws/a2417 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/a2417
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 33ms
12ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80dda122ffbd6798f6854c78267fa4d2279a0c54846f1af93bb842c7320f2bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 17:50:07 GMT
content-md5: y9021oN5/wuxoN89PBHI8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: KFOi9gFiuAbKI9GNVWL4l/gf+J363P2v+KWcXGecRW4ATkA2xsYYtflc/ax/cFoCyK2zSlWOpr5ke/vC1JQauw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 8b200430a7bdfa86f6a6138247b98f8e
cross-origin-opener-policy: same-origin-allow-popups
etag: "c7293fd49e340e518bd39d7f51ee31a3"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 03 May 2023 17:56:06 GMT

GET
H2 200 _tracking1.gif Show response
lg1.logging.admicro.vn/ Frame 3959 720 B
1 KB 227ms
227ms Document
text/html 123.30.151.70
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://lg1.logging.admicro.vn/_tracking1.gif?dg=011f91d6e616b0c6fbea96bbd6c36e31&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=k8ccwwesx.live&cat=%2Ftag%2Ftay-du-ky-online%2F&g=0&i=s%3B1683136206268%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B011f91d6e616b0c6fbea96bbd6c36e31%3B011f91d6e616b0c6fbea96bbd6c36e31%3B%3B-1683136202485%3B0%3B0%3B1549%3B1%3B512%3B-1683136202485%3B-1683136202485&rdm=0.7487699230597582&p=%2Findexasad.php&r=&dg=011f91d6e616b0c6fbea96bbd6c36e31&ce=1&lc=&cr=&ui=

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/adm_tracking.js?v=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.70 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

aws/v1/46R5540A1B /

Resource Hash

f8728539fc89ba1770ea668fec47fb75aabc367c0508168524a048301e90a5fd

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

Referer: https://k8ccwwesx.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 720
content-type: text/html; charset=utf-8
date: Wed, 03 May 2023 17:50:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
pragma: no-cache
server: aws/v1/46R5540A1B
x-frame-options: allowall

GET
H3 200 all.js Show response
connect.facebook.net/vi_VN/ 303 KB
85 KB 25ms
13ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js?hash=02e4c234acd477406c91167f190b08c6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2815303d3b0b23269b57e4a5ff8494cbfc8ff0cc65e67180f250f1a6dfdabcac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://k8ccwwesx.live/
Origin: https://k8ccwwesx.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 17:50:07 GMT
content-md5: Ix8mCg1nQOBhSD3kvh63Lw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87143
x-fb-rlafr: 0
x-fb-debug: 3cetW5N40esnKrWi3uZvAMpUIyLpjSMA9eEpqUMI6OluaVhEXhO9BDI2GarrD72Ah19pLoletNiVxIi0JOLDow==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c340eea193a432614c66b9be2bf31061
cross-origin-opener-policy: same-origin-allow-popups
etag: "33dd20b658ad4ad0393e881594585931"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 May 2024 12:45:53 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 131ms
114ms Fetch
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=618158328194206&input_token&origin=1&redirect_uri=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=02e4c234acd477406c91167f190b08c6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 03 May 2023 17:50:07 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: IRa57QnZli1j5enVQBNIe74sdeDdzEf18el86+TFI5zCHxsltQj6Y+pU33Nymace1lNi8HNNGK9yOK9QSUbNtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://k8ccwwesx.live
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Arf.min.js Show response
media1.admicro.vn/cms/ 289 KB
91 KB 300ms
300ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/Arf.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/arf-57.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17205 /
Resource Hash: 9b69708c866676e9c188a7727e93b0c10d9e4c37945f1a8490ed6a24d692f8bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 14:28:53 GMT
server: ss1/17205
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:07 GMT

GET
H2 200 persist.js Show response
static.amcdn.vn/core/ Frame 3959 26 KB
8 KB 292ms
292ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.amcdn.vn/core/persist.js
Requested by: Host: lg1.logging.admicro.vn
URL: https://lg1.logging.admicro.vn/_tracking1.gif?dg=011f91d6e616b0c6fbea96bbd6c36e31&fl=-1.-1.&je=0&sr=1600x1200&sc=24&hn=k8ccwwesx.live&cat=%2Ftag%2Ftay-du-ky-online%2F&g=0&i=s%3B1683136206268%3B0%3B0%3B1%3B0%3B0%3B1600x1200%3B0%3B0%3B011f91d6e616b0c6fbea96bbd6c36e31%3B011f91d6e616b0c6fbea96bbd6c36e31%3B%3B-1683136202485%3B0%3B0%3B1549%3B1%3B512%3B-1683136202485%3B-1683136202485&rdm=0.7487699230597582&p=%2Findexasad.php&r=&dg=011f91d6e616b0c6fbea96bbd6c36e31&ce=1&lc=&cr=&ui=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17206 /
Resource Hash: 9e9efcb83c65b19c1e5beda26cfd017576e8ed57bd67876ca87f7634ffc8bf8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lg1.logging.admicro.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 06:49:30 GMT
server: ss1/17206
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 53ms
9ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: deqik.com
URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 17:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2703
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 03 May 2023 19:05:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
27 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: deqik.com
URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 May 2023 17:50:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27428
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: f39PjGRUbWY0HWa3Q7KcxfypJgNAS/dXedt+lI7tUdWapBNChG6MuQ569dsp0vGyAHOG7UP3NKFcS0lUtcWxtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 95ms
23ms Script
text/javascript 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: deqik.com
URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 16:40:21 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4186
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Wed, 03 May 2023 18:40:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SPFXF87NXW

Requested by

Host: deqik.com
URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cb088fddc828d4f3d5b11ecd196c7c673866a83d39ac07f132355db9d4bfd3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79744
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 17:50:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SPFXF87NXW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ4QL46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9cf25a98a48403988a8711e9d97d86ee811113453b3b9e659687681b6ef9821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 17:50:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-748929497

Requested by

Host: deqik.com
URL: https://deqik.com/tag/corejs/ATMJGB0YKY21R.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7173edeafb35528dce2bf58fd15ff9a95783c7a5425cf7dc447a80eb1dc2ff37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52437
x-xss-protection: 0
last-modified: Wed, 03 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 May 2023 17:50:07 GMT

GET
H3 200 272928993613453 Show response
connect.facebook.net/signals/config/ 375 KB
107 KB 19ms
14ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/272928993613453?v=2.9.103&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1562d52e7ec908dc77567979eefa514e785555a51fa6ecddd56f7edf67e909a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 17:50:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 109688
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vBZ5EKM87XAWTjiuW2eAHopqZ1ZJqJqor16cExnXDCgFvKFnBDMVAlM6JVZdRdX+gzEUOm+tU6xvPfLQOpGPtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jquery.swiper.min.7.2.0.js Show response
gamek.mediacdn.vn/web_js/ 132 KB
45 KB 228ms
223ms Script
application/javascript 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_js/jquery.swiper.min.7.2.0.js

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_js/gamek-09092022v1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.c3c052c2a58bada5ee4c45274b2d842c /

Resource Hash

62eb35c7dfb8f9d5bf358c805f3c8063fda32dbf0a81608f2179e8af2ca4ad0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 04 Mar 2023 03:54:43 GMT
server: VCCloud CDN / 246.c3c052c2a58bada5ee4c45274b2d842c
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
xcache-created-at: Sunday, 05-Mar-2023 11:12:20 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 jquery.fancybox-1.3.4.js Show response
gamek.mediacdn.vn/web_js/ 29 KB
9 KB 233ms
228ms Script
application/javascript 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_js/jquery.fancybox-1.3.4.js

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_js/gamek-09092022v1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.cd728780b220de9d562889997449a58f /

Resource Hash

550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Mar 2022 03:28:08 GMT
server: VCCloud CDN / 246.cd728780b220de9d562889997449a58f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 24ms
23ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1312293250&t=pageview&_s=1&dl=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&ul=en-us&de=UTF-8&dt=T%C3%A2y%20Du%20K%C3%BD%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=301884572&gjid=1023420613&cid=282619305.1683136207&tid=UA-34575478-19&_gid=526504382.1683136207&_r=1&_slc=1&z=943079284

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://k8ccwwesx.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://k8ccwwesx.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 43ms
25ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1312293250&t=pageview&_s=1&dl=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&ul=en-us&de=UTF-8&dt=T%C3%A2y%20Du%20K%C3%BD%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1259635254&gjid=832990092&cid=282619305.1683136207&tid=UA-143999657-2&_gid=526504382.1683136207&_r=1&_slc=1&z=176378646

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://k8ccwwesx.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://k8ccwwesx.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/748929497/ 3 KB
2 KB 58ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/748929497/?random=1683136207390&cv=11&fst=1683136207390&bg=ffffff&guid=ON&async=1&gtm=45be3510&u_w=1600&u_h=1200&url=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&hn=www.googleadservices.com&frm=0&tiba=T%C3%A2y%20Du%20K%C3%BD%20Online&auid=196221737.1683136207&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-748929497

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72c78beed5543dd0e83f6129363cd3ffd350719c7428d1ba5321354c4b77898f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 41ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SPFXF87NXW&gtm=45je3510&_p=1312293250&cid=282619305.1683136207&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683136207&sct=1&seg=0&dl=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&dt=T%C3%A2y%20Du%20K%C3%BD%20Online&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SPFXF87NXW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://k8ccwwesx.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
210 B 24ms
23ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-34575478-19&cid=282619305.1683136207&jid=301884572&gjid=1023420613&_gid=526504382.1683136207&_u=IEBAAEAAAAAAACAAI~&z=1824505216

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://k8ccwwesx.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 03 May 2023 17:50:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://k8ccwwesx.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 list-09092022v1.min.js Show response
gamek.mediacdn.vn/web_js/ 1 KB
565 B 220ms
219ms Script
application/javascript 123.30.242.10
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://gamek.mediacdn.vn/web_js/list-09092022v1.min.js

Requested by

Host: gamek.mediacdn.vn
URL: https://gamek.mediacdn.vn/web_js/gamek-09092022v1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 246.dc26f2fe45c74ad417d51b5b601358f7 /

Resource Hash

0fb48768d4afbe2ae2b680b90443bf4e458c755622e2550bf3989e93ca3c3c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 12 Mar 2023 08:42:59 GMT
server: VCCloud CDN / 246.dc26f2fe45c74ad417d51b5b601358f7
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
xcache-created-at: Wednesday, 15-Mar-2023 15:45:19 +07
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: HIT from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
77 B 9ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272928993613453&ev=PageView&dl=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&rl=&if=false&ts=1683136207501&sw=1600&sh=1200&v=2.9.103&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1683136207500.2065290094&it=1683136207321&coo=false&rqm=GET

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 03 May 2023 17:50:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1503494549&utmhn=k8ccwwesx.live&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=T%C3%A2y%20Du%20K%C3%BD%20Online&utmhid=1312293250&utmr=-&utmp=%2Findexasad.php&utmht=1683136207568&utmac=UA-46362619-5&utmcc=__utma%3D64151541.282619305.1683136207.1683136208.1683136208.1%3B%2B__utmz%3D64151541.1683136208.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1471103410&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 03 May 2023 17:50:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 72ms
45ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-34575478-19&cid=282619305.1683136207&jid=301884572&_u=IEBAAEAAAAAAACAAI~&z=1020768218

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 75ms
48ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-34575478-19&cid=282619305.1683136207&jid=301884572&_u=IEBAAEAAAAAAACAAI~&z=1020768218

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/748929497/ 42 B
455 B 41ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/748929497/?random=1683136207390&cv=11&fst=1683133200000&bg=ffffff&guid=ON&async=1&gtm=45be3510&u_w=1600&u_h=1200&url=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&frm=0&tiba=T%C3%A2y%20Du%20K%C3%BD%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2218869118&rmt_tld=0&ipr=y

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/748929497/ 42 B
455 B 47ms
24ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/748929497/?random=1683136207390&cv=11&fst=1683133200000&bg=ffffff&guid=ON&async=1&gtm=45be3510&u_w=1600&u_h=1200&url=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&frm=0&tiba=T%C3%A2y%20Du%20K%C3%BD%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2218869118&rmt_tld=1&ipr=y

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
static.philacct.com/ngvmfg/static/js/ 45 KB
14 KB 903ms
301ms Script
application/x-javascript 2405:f980::1:10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.philacct.com/ngvmfg/static/js/bundle.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/core/admcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17205 /
Resource Hash: e61fd45407ec94fcaf4f11a2a4cb98fc514a45a56d73be14ed0cbe8d896a4f4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:08 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 08:39:52 GMT
server: ss1/17205
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:08 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
543 B 225ms
224ms Image
image/gif 123.30.151.70
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&zid=57&pgid=1683136207792945588&uid=6131362061365181736&ui=6131362061365181736&cr=1683136206

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.70 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:08 GMT
x-frame-options: allowall
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 arf-jxjxpls5.min.js Show response
media1.admicro.vn/cms/ 12 KB
3 KB 300ms
299ms Script
application/x-javascript 2405:f980::1:13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.admicro.vn/cms/arf-jxjxpls5.min.js
Requested by: Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2405:f980::1:13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: ss1/17206 /
Resource Hash: fa852ae558d81f45f70172edda0888aa0bc9d2a9b8dd0af065c5fdafd2b66404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:08 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 17:30:57 GMT
server: ss1/17206
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate, proxy-revalidate
expires: Wed, 03 May 2023 18:00:08 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8091 0
18 B 9ms
8ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://k8ccwwesx.live
Referer: https://k8ccwwesx.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://k8ccwwesx.live
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:50:08 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5894 91 KB
32 KB 139ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: media1.admicro.vn
URL: https://media1.admicro.vn/cms/Arf.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2c644a60eccc2ba1fac6c2811a352f750fe92acde2cc9a670fbf3b684871977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32216
x-xss-protection: 0
server: cafe
etag: 8848864342553204092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:08 GMT

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
477 B 228ms
228ms Image
image/gif 123.30.151.70
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&zid=57&pli=276920&cmpg=1042600&items=276920&cat=%2ftag%2ftay-du-ky-online%2f&cov=0&pgid=1683136207792945588&uid=6131362061365181736
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.70 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/57R6160A1B /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:08 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/57R6160A1B
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advbcms
lg1.logging.admicro.vn/ 35 B
543 B 227ms
227ms Image
image/gif 123.30.151.70
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.logging.admicro.vn/advbcms?dmn=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&zid=jxjxpls5&pgid=1683136207792945588&uid=6131362061365181736&ui=6131362061365181736&cr=1683136206

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.151.70 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Frame-Options	allowall

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:08 GMT
x-frame-options: allowall
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/ Frame 5894 354 KB
119 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6366951472589375&plah=k8ccwwesx.live&bust=31074265

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67a1e88649a043ceb02042351331776d46f8c44c9e71405f0b83c3a80cee6655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122072
x-xss-protection: 0
server: cafe
etag: 6709007023502066603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:08 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 5894 395 B
606 B 44ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=k8ccwwesx.live&callback=_gfp_s_&client=ca-pub-6366951472589375

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6366951472589375&plah=k8ccwwesx.live&bust=31074265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6011db5e5f967ba3a0f9f9397e0577ed18dd2fee779524f6e5db71ad09d25ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5894 107 B
531 B 44ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=k8ccwwesx.live

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5894 107 B
456 B 51ms
19ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=k8ccwwesx.live

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4BB8 95 KB
30 KB 351ms
351ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=90&slotname=6721968282&adk=3456145410&adf=3471351516&pi=t.ma~as.6721968282&w=728&lmt=1683136208&url=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136208477&bpp=14&bdt=157&idt=242&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&correlator=4648808784395&frm=23&ife=1&pv=2&ga_vid=282619305.1683136207&ga_sid=1683136208&ga_hid=1995751642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=160&biw=1600&bih=1200&isw=728&ish=90&ifk=4212140677&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44773810%2C31074265%2C44788442%2C44789761%2C44789924&oid=2&pvsid=3315098251140618&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.abbhwizagmhi&fsb=1&dtd=260

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f73064591e9e6df9821a3dc41bb43fa707b1b1d98e5612f9049e62c05eb47885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k8ccwwesx.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29891
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 17:50:09 GMT
expires: Wed, 03 May 2023 17:50:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cpx_cms
lg1.logging.admicro.vn/ 35 B
477 B 228ms
227ms Image
image/gif 123.30.151.70
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg1.logging.admicro.vn/cpx_cms?dmn=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&zid=57&pli=276920&cmpg=1042600&items=276920&cat=%2ftag%2ftay-du-ky-online%2f&cov=2&pgid=1683136207792945588&uid=6131362061365181736
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.70 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: aws/v1/86R225L0A1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k8ccwwesx.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:08 GMT
last-modified: Sun, 17 May 1998 07:00:00 GMT
server: aws/v1/86R225L0A1
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4BB8 9 KB
1 KB 43ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=90&slotname=6721968282&adk=3456145410&adf=3471351516&pi=t.ma~as.6721968282&w=728&lmt=1683136208&url=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136208477&bpp=14&bdt=157&idt=242&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&correlator=4648808784395&frm=23&ife=1&pv=2&ga_vid=282619305.1683136207&ga_sid=1683136208&ga_hid=1995751642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=160&biw=1600&bih=1200&isw=728&ish=90&ifk=4212140677&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44773810%2C31074265%2C44788442%2C44789761%2C44789924&oid=2&pvsid=3315098251140618&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.abbhwizagmhi&fsb=1&dtd=260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 May 2023 17:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 May 2023 16:07:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 May 2023 17:50:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 4BB8 2 KB
845 B 35ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:43:11 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/ Frame 4BB8 22 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8743
x-xss-protection: 0
server: cafe
etag: 14489809188666054284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:34:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 4BB8 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 16:53:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 4BB8 19 KB
8 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:35:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
x-xss-protection: 0
server: cafe
etag: 10936619172403307163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:35:55 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4BB8 0
0 17ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdZwhGZwYwFT2SOhO3McYKmZa03uAEL-mv9DmeVqwuV78twjrVPNl-WsWVf3urcxfgZdJFr_WpUi30-BdULfxJ0rUlag
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=90&slotname=6721968282&adk=3456145410&adf=3471351516&pi=t.ma~as.6721968282&w=728&lmt=1683136208&url=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136208477&bpp=14&bdt=157&idt=242&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&correlator=4648808784395&frm=23&ife=1&pv=2&ga_vid=282619305.1683136207&ga_sid=1683136208&ga_hid=1995751642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=160&biw=1600&bih=1200&isw=728&ish=90&ifk=4212140677&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44773810%2C31074265%2C44788442%2C44789761%2C44789924&oid=2&pvsid=3315098251140618&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.abbhwizagmhi&fsb=1&dtd=260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BB8 160 KB
49 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:50:09 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 4BB8 32 KB
14 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 12:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 12:11:33 GMT

GET
H2 200 7302953361830581942
tpc.googlesyndication.com/simgad/ Frame 4BB8 3 KB
4 KB 10ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7302953361830581942?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee7e27d33ae3060a2007b7e85cd37f26a4408d152ab58f10a66cd04321f12bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:24:02 GMT
x-content-type-options: nosniff
age: 386767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3388
x-xss-protection: 0
last-modified: Fri, 28 Aug 2020 09:25:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 06:24:02 GMT

GET
DATA 200
OK truncated
/ Frame 4BB8 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4BB8 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4BB8 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FA56 1 KB
643 B 10ms
8ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Thu, 04 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 genuuidpc Show response
fgp.philacct.com/ Frame 397A 0
147 B 699ms
240ms XHR
text/plain 123.30.151.81
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://fgp.philacct.com/genuuidpc
Requested by: Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.30.151.81 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Rapidoid /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://k8ccwwesx.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 03 May 2023 17:50:09 GMT
server: Rapidoid
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
content-type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 4BB8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b137b5acd30ba40dec8122cb48ad1b0c7bce2ddbbd905746d13d032e8e07396

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame FA56 0
104 B 103ms
29ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMJNaU6RV7JI1FAE7OyqtDs&google_cver=1&google_push=ATf1kGN179-D-W3XJbb2s1LAiEkF0w28cMJjvjGfcX8EucWwqT4FnM3AgjyIsCqDGt3dmVGYrEgruYxTFezY_NpbFklouo_3mWA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=90&slotname=6721968282&adk=3456145410&adf=3471351516&pi=t.ma~as.6721968282&w=728&lmt=1683136208&url=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136208477&bpp=14&bdt=157&idt=242&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&correlator=4648808784395&frm=23&ife=1&pv=2&ga_vid=282619305.1683136207&ga_sid=1683136208&ga_hid=1995751642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=160&biw=1600&bih=1200&isw=728&ish=90&ifk=4212140677&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44773810%2C31074265%2C44788442%2C44789761%2C44789924&oid=2&pvsid=3315098251140618&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.abbhwizagmhi&fsb=1&dtd=260
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:09 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame FA56 70 B
265 B 120ms
35ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAnJuf5Pp73tLMAGgtqVR6k&google_cver=1&google_push=ATf1kGNHkVOcEaLnAeDCWsbczmR0Jj9xNn5XfMMmigGSRlf4I-Yt7UWvs_voIYlflbaG3P_IfHnwfC-jKz623V3jnnZsCueccBSb
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366951472589375&output=html&h=90&slotname=6721968282&adk=3456145410&adf=3471351516&pi=t.ma~as.6721968282&w=728&lmt=1683136208&url=https%3A%2F%2Fk8ccwwesx.live%2Findexasad.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683136208477&bpp=14&bdt=157&idt=242&shv=r20230501&mjsv=m202304270101&ptt=5&saldr=sa&correlator=4648808784395&frm=23&ife=1&pv=2&ga_vid=282619305.1683136207&ga_sid=1683136208&ga_hid=1995751642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=160&biw=1600&bih=1200&isw=728&ish=90&ifk=4212140677&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44773810%2C31074265%2C44788442%2C44789761%2C44789924&oid=2&pvsid=3315098251140618&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.abbhwizagmhi&fsb=1&dtd=260
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 03 May 2023 17:50:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA56
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKnYsFfo4J3oPdOtWWNwTyE&google_cver=1&google_push=ATf1kGORrK5yLWtdOyHzXzec7tfJqBPXau_Rqis_qbAV8FIZL5h-ek4DEdLyeVOvQgrRUUz9WALl8XSfXILNNR2R...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H5Cvb1vtSkKJqtD3KfN7iQ2&google_push=ATf1kGORrK5yLWtdOyHzXzec7tfJqBPXau_Rqis_qbAV8FIZL5h-ek4DEdLyeVOvQgrRUUz9WALl8XSfXILNNR2R0R4T_VCNLjey

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H5Cvb1vtSkKJqtD3KfN7iQ2&google_push=ATf1kGORrK5yLWtdOyHzXzec7tfJqBPXau_Rqis_qbAV8FIZL5h-ek4DEdLyeVOvQgrRUUz9WALl8XSfXILNNR2R0R4T_VCNLjey

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 03 May 2023 17:50:09 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H5Cvb1vtSkKJqtD3KfN7iQ2&google_push=ATf1kGORrK5yLWtdOyHzXzec7tfJqBPXau_Rqis_qbAV8FIZL5h-ek4DEdLyeVOvQgrRUUz9WALl8XSfXILNNR2R0R4T_VCNLjey
x-host: tde-deliveryengine-production-797dcffc79-vsgjg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA56
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJHmr_lrBXrP46V8rqguTqA&google_cver=1&google_push=ATf1kGP7s8Be3YiETzhWMs-yBNAOjQ0KupMfA6uAfDSlboOZtWsa3ZUrzua15NIEGBHTXMgVkSl0FVXsnZ6RW9iddfg-fVh...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP7s8Be3YiETzhWMs-yBNAOjQ0KupMfA6uAfDSlboOZtWsa3ZUrzua15NIEGBHTXMgVkSl0FVXsnZ6RW9iddfg-fVhCGbLF&google_hm=eS1vZHEzRGJ4RTJwR213Y2...

170 B
188 B

23ms
22ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP7s8Be3YiETzhWMs-yBNAOjQ0KupMfA6uAfDSlboOZtWsa3ZUrzua15NIEGBHTXMgVkSl0FVXsnZ6RW9iddfg-fVhCGbLF&google_hm=eS1vZHEzRGJ4RTJwR213Y2sxLnZjUGMzclBRLlBQUURxdn5B

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 03 May 2023 17:50:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP7s8Be3YiETzhWMs-yBNAOjQ0KupMfA6uAfDSlboOZtWsa3ZUrzua15NIEGBHTXMgVkSl0FVXsnZ6RW9iddfg-fVhCGbLF&google_hm=eS1vZHEzRGJ4RTJwR213Y2sxLnZjUGMzclBRLlBQUURxdn5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FA56
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKG3AL9XUEQgCcUuseYBmIo&google_cver=1&google_push=ATf1kGPcgmOXBSUhl3YMABzUbVFmmsJroqnx9W06SjG0PLAMF4Cz7dYWSgkGYzwAbeaaj7Yk31G58yp79Ns6...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPcgmOXBSUhl3YMABzUbVFmmsJroqnx9W06SjG0PLAMF4Cz7dYWSgkGYzwAbeaaj7Yk31G58yp79Ns6mAvlqdJMRFOzk80

170 B
243 B

23ms
22ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPcgmOXBSUhl3YMABzUbVFmmsJroqnx9W06SjG0PLAMF4Cz7dYWSgkGYzwAbeaaj7Yk31G58yp79Ns6mAvlqdJMRFOzk80

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPcgmOXBSUhl3YMABzUbVFmmsJroqnx9W06SjG0PLAMF4Cz7dYWSgkGYzwAbeaaj7Yk31G58yp79Ns6mAvlqdJMRFOzk80
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA56
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBkz9ByiPeHYcsFz-9ks8Ac&google_cver=1&google_push=ATf1kGOGi907_UfMve8hsAygJVYA8pPUYCn_70gjapol3qcuuuR073s7lEABSe9mUNXa_ng4ar...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBkz9ByiPeHYcsFz-9ks8Ac&google_cver=1&google_push=ATf1kGOGi907_UfMve8hsAygJVYA8pPUYCn_70gjapol3qcuuuR073s7lEABSe9mUNXa_ng4ar...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Pa3ZoTE1CRTJ1SEVqZ1RUVDZfN290TG5LZU5RTEVPSn5B&google_push=ATf1kGOGi907_UfMve8hsAygJVYA8pPUYCn_70gjapol3qcuuuR073s7l...

170 B
188 B

21ms
21ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Pa3ZoTE1CRTJ1SEVqZ1RUVDZfN290TG5LZU5RTEVPSn5B&google_push=ATf1kGOGi907_UfMve8hsAygJVYA8pPUYCn_70gjapol3qcuuuR073s7lEABSe9mUNXa_ng4arpwJX2f-dZjKiG-T-xWhNLNyvhn

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Pa3ZoTE1CRTJ1SEVqZ1RUVDZfN290TG5LZU5RTEVPSn5B&google_push=ATf1kGOGi907_UfMve8hsAygJVYA8pPUYCn_70gjapol3qcuuuR073s7lEABSe9mUNXa_ng4arpwJX2f-dZjKiG-T-xWhNLNyvhn
date: Wed, 03 May 2023 17:50:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame FA56
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKG3AL9XUEQgCcUuseYBmIo&google_cver=1&google_push=ATf1kGMK-Hk4pCdXAJ6ERD8REvSZew_J4wSIPWp7F-t3oJ04S9XSHDIZKaOfKz6524BZNFZ8dYl77qFYv5x...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMK-Hk4pCdXAJ6ERD8REvSZew_J4wSIPWp7F-t3oJ04S9XSHDIZKaOfKz6524BZNFZ8dYl77qFYv5xvOGIvs6nmk5U2aG9upg
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

10ms
10ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: k8ccwwesx.live
URL: https://k8ccwwesx.live/indexasad.php

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FA56 0
130 B 44ms
17ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOkmWKa9hH4exN13jf1c-VMkETF9STEzhU5cRfgS6CxmG0cSQvfUk_akD0UelrPdJDmE7YL4M

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:50:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 4BB8 29 KB
30 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 329019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 22:26:30 GMT

GET
H3 200 FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DED 37 KB
14 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1471c3ca7506b2b7c7e138d67069adf92d6f79ba2f7e6e621682e51387d776f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 12:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14620
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 12:09:05 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4BB8 42 B
64 B 145ms
126ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoeHwfVI20uJKNZsM3q4Ikkfx6y7n3_r-5iDgnSmOy6hsf9_wbQ3pgJRmOFjYDH_uNrRwpJoeeIbFuzrZSNT92cuzpNlphuA1Un7QsK6MCIS_6mHVEWxNcCpU-Dd-neZXCkYA1eydwDY735bFcuSlyRVLTojhmSFYdGejsIA6iPaJGhYJk8nVIBDb4mm5X00yxbb5b-I5x5gXfX3IWyET5avfGMvIjXwSFWO1PfbLGblgy-aLIZBTp_OIBOLR9X0b6TTOZkF2bR-6zue70kmpUbJ48tnoSibSf5b9l3XuYFUX3cqpdDA8zQFzkhZAWIEFx69XRDLXzIY3NKEuUC9UshvT71NGs0Z9iuUHVLtbmyB8Fn-bFt4P0RRCwIPU0zDo3iYRI0il6A3XM2dmPV3IolykpL0OUppyFzwXOtJ4pYuzp4dlGXxLjldusM2kinM6H_OQ1IJAtv-JiA8Fn8PHtnl3wzMjstE0xX8-aYptmrpLCBPiJofI322G3Zq0pkbA7uBgNFRuYfDvXKBvuk_72T_-2YciRV71Xhs8YSL4V_XnzFkpCM4TME2_RShP3-ofgM78QCdE1TARbvf4jMsLgynqp6Zh8JF0VB6yr8daR6knuKCDJcFnDlg8ZoPp5sU3GyNS1Cv7nQXPF6i329BIsKIPsSdNTva-xJMvLrugMJsHJSrvKRzTjaZXewdoFo2-NU6n59_i2YhUq-6pwDXwZ4pd6uVAtUFT-2KRB00fcLDeuYvOC5dQPYRs_noBoHbR-eMpw8AqGH_9rymZAkJKTtIDbfgB5cQ4cBbMt9kIVkjHpPEgedEW45g6GxfD1nE9uHE-yJK2c58Kn1AHyKvCz43AxjJTswej84XJtDpsMflph5j0mM4LzFe6DKcYOjRJU-67XKUxhH5IXtJEWv56WYtoZcAGVb_yfqNhGFg5e0v6EePhB1HC_aQPCB9Z9dcJxO1iWV5AhiD04eUZRuHJQK0eLAy5T3O_Mbznx2dsWP5snNqUOY95nGdm8A_lbOSfXLZmvlEhwFiF6g1THW9Qfik5DlV7RkbBXoFMzzVtSP5c&sai=AMfl-YS73kO5S4MeUI7IvA0DcxRjhG9XbPoSkbk30fgZLswLo08WyR_RKUJ0JozWAJFH8rPglpmIyfFH56D9bj9DnyNhx-I5cjW9nQQB8A4dwHyfvQXIyb14&sig=Cg0ArKJSzIewj3farHz8EAE&cid=CAQSKQBygQiD2Bzjs-JeqJ0ENKiO50xuvPpocFBrnOSqmC3Iy4bye-vhjpmoGAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3456145410&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683136208739&rpt=898&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 17:50:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

386 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.k8ccwwesx.live/	1970-01-20 21:08:16	Name: __uidac Value: 011f91d6e616b0c6fbea96bbd6c36e31
.logging.admicro.vn/	1970-01-20 21:08:16	Name: __create Value: 1683136206
.logging.admicro.vn/	1970-01-20 11:32:16	Name: __OS Value: 10_Windows+10_+_+_14_113.0.5672.63__0
.logging.admicro.vn/	1970-01-20 21:08:16	Name: __uid Value: 6131362061365181736
.logging.admicro.vn/	1970-01-20 11:33:42	Name: uinfo Value: -1
.logging.admicro.vn/	1970-01-20 11:33:42	Name: __tb Value: 0
.logging.admicro.vn/	1970-01-20 11:32:18	Name: linfo Value: 115_1683136207
.logging.admicro.vn/	1970-01-20 11:32:18	Name: __C Value: 115_1683136207
.lg.nanda.vn/	1970-01-20 21:08:16	Name: __uid Value: 5983136207103255697
.lg.nanda.vn/	1970-01-20 21:08:16	Name: __create Value: 1683136207
.k8ccwwesx.live/	1970-01-20 11:33:42	Name: _gid Value: GA1.2.526504382.1683136207
.k8ccwwesx.live/	1970-01-20 11:32:16	Name: _gat_GA1 Value: 1
.k8ccwwesx.live/	1970-01-20 11:32:16	Name: _gat_testChannel Value: 1
.k8ccwwesx.live/	1970-01-20 13:41:52	Name: _gcl_au Value: 1.1.196221737.1683136207
.k8ccwwesx.live/	1970-01-20 21:08:16	Name: _ga_SPFXF87NXW Value: GS1.1.1683136207.1.0.1683136207.0.0.0
.k8ccwwesx.live/	1970-01-20 21:08:16	Name: _ga Value: GA1.1.282619305.1683136207
.k8ccwwesx.live/	1970-01-20 13:41:52	Name: _fbp Value: fb.1.1683136207500.2065290094
.k8ccwwesx.live/	1970-01-20 21:08:16	Name: __utma Value: 64151541.282619305.1683136207.1683136208.1683136208.1
.k8ccwwesx.live/	1969-12-31 23:59:59	Name: __utmc Value: 64151541
.k8ccwwesx.live/	1970-01-20 15:55:04	Name: __utmz Value: 64151541.1683136208.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.k8ccwwesx.live/	1970-01-20 11:32:16	Name: __utmt Value: 1
.k8ccwwesx.live/	1970-01-20 11:32:18	Name: __utmb Value: 64151541.1.10.1683136208
.amcdn.vn/	1970-01-20 21:08:16	Name: __create Value: 1683136207
.amcdn.vn/	1970-01-20 21:08:16	Name: __uid Value: 1583136207449615392
k8ccwwesx.live/	1970-01-20 21:08:16	Name: __RC Value: 115
k8ccwwesx.live/	1970-01-20 21:08:16	Name: __R Value: 0
k8ccwwesx.live/	1970-01-20 11:46:40	Name: __uif Value: __uid%3A6131362061365181736%7C__ui%3A-1%7C__create%3A1683136206
.k8ccwwesx.live/	1970-01-20 21:08:16	Name: _uidcms Value: 6131362061365181736
.k8ccwwesx.live/	1970-01-20 20:53:52	Name: __gads Value: ID=837ad6bcf0de5747-2295bac1b6dd007a:T=1683136208:RT=1683136208:S=ALNI_MYFzANVsq8QWuyWpomwUJl9wl6poQ
.k8ccwwesx.live/	1970-01-20 20:53:52	Name: __gpi Value: UID=00000bf51bce84ab:T=1683136208:RT=1683136208:S=ALNI_MbP2MgPeNXrsIP1KC9yuMOAvVy4ew
.doubleclick.net/	1970-01-20 20:53:52	Name: IDE Value: AHWqTUkfN4x4KMoG5-wbPKu9VApNJpq31ZsaUrDGWcK8GiJ8CSh8XJnSfohFY-RHk9w
.travelaudience.com/	1970-01-20 21:03:57	Name: _tracker Value: %7B%22UUID%22%3A%221F90AF6F-5BED-4A42-89AA-D0F729F37B89%22%7D
.analytics.yahoo.com/	1970-01-20 20:17:52	Name: IDSYNC Value: 18yx~2bft
.yahoo.com/	1970-01-20 20:18:13	Name: A3 Value: d=AQABBNGeUmQCENX1EaVLPjj6pab_VVYlJ0MFEgEBAQHwU2RcZAAAAAAA_eMAAA&S=AQAAAihIq8E03V2CJ3Y-Iu8TufQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adi.admicro.vn
adminplayer.sohatv.vn
ads.travelaudience.com
adservice.google.com
adservice.google.de
amcdn.vn
cm.g.doubleclick.net
connect.facebook.net
dclk-match.dotomi.com
deqik.com
fgp.philacct.com
fonts.googleapis.com
fonts.gstatic.com
gamek.mediacdn.vn
googleads.g.doubleclick.net
k8ccwwesx.live
lg.nanda.vn
lg1.logging.admicro.vn
match.adsrvr.org
media1.admicro.vn
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
static.amcdn.vn
static.contineljs.com
static.philacct.com
stats.g.doubleclick.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
vccorp.mediacdn.vn
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
123.30.151.70
123.30.151.81
123.30.242.10
123.30.242.13
14.225.10.21
142.250.186.66
15.197.193.217
2001:4860:4802:34::36
2001:4860:4802:36::178
2405:f980::1:10
2405:f980::1:13
2606:4700:3035::6815:2914
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9c
2a02:fa8:8806:12::1370
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3602:99b7:871:83ab:7df8
3.71.149.231
35.190.0.66
51.75.86.98
00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3
028c81a32aad1469b222e89a8a8cfbfad2eaf00bd35507ba5c1424cb7e582cb1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb48768d4afbe2ae2b680b90443bf4e458c755622e2550bf3989e93ca3c3c1d
106c896480d87ae62ce2ecd2a671ec849f7c2d43a49e008a2f812a8978cd8b4d
1471c3ca7506b2b7c7e138d67069adf92d6f79ba2f7e6e621682e51387d776f2
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
1562d52e7ec908dc77567979eefa514e785555a51fa6ecddd56f7edf67e909a9
185b0400b76da94d07d26fd06b2f31d3908650595fe5196f6f7e1acddbac53e7
1ad374aca46cf36577a3379c638423d3121b11376701c99611405161ed925981
1c5684c1ddf04d63fab4630ca65f3a7b294bf64e9071d21a75f163845e69f6e8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
242e5db71e533b96f66b03819432c6d8544dbb5318d584a85fc551d868b208d3
2473b3c91596758d0d127c3571019e5550503b2196ce737b53b0c3ffe8e9ec27
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2815303d3b0b23269b57e4a5ff8494cbfc8ff0cc65e67180f250f1a6dfdabcac
2cffcfaacd57b1261f9528bf5cf177907f5dbfc64d5f39796a8bb329e8d1a430
312bd7af902cbadf6ddd14db6719e0cc595d364d6c93653ea007c6415224276a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33c654bc9298696de6a89c1367f976c63c2648472ff6e7f1dc8447a7b096f466
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
40d9593cb1c8c513b1cfae9fdbb529cd7daf95081de56c4ec23d179a4e62b63e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4f57ec1c5c3d6a390a08e59a53bab1473c888304dffdeec357805b78d52013c0
51492c14a0556272b9fe301830cfcdddb14c1c498557f2d24b2e31e826be7512
54b3ba3509da21554f72cac5a68716631997f3f0ebcbc62c55f17e8294c4b346
550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281
55bc4c5878061f1b1d0a068ecb1602b91c1e80f0611c8c7ad3b18bb802299070
5796dad7ea6e51f9ebcb34f34a0494c63afe5ebb32edf14e25987404e89640c8
6011db5e5f967ba3a0f9f9397e0577ed18dd2fee779524f6e5db71ad09d25ca0
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62eb35c7dfb8f9d5bf358c805f3c8063fda32dbf0a81608f2179e8af2ca4ad0e
679c248cd0e2f23ec4458100f283c750de53a1679ccd46e2e379c8d939c9016c
67a1e88649a043ceb02042351331776d46f8c44c9e71405f0b83c3a80cee6655
6a2959b48940ae172de360c0635dac0f6f8e57201b148c4828c5e84385a9a04f
6b137b5acd30ba40dec8122cb48ad1b0c7bce2ddbbd905746d13d032e8e07396
6e34e8696d51c15b5f0e261c0633ac2fb615ed51ac4795844e72b2a58fa12dee
700e6729f70d67dad93abaa0dac3836bd4c1339daef3e185e0bb41481888ba7f
70338fa46fe3c9c2114edc2c29933809bf57e8234fc900e9d23a56ac5be38042
7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5
7173edeafb35528dce2bf58fd15ff9a95783c7a5425cf7dc447a80eb1dc2ff37
72c78beed5543dd0e83f6129363cd3ffd350719c7428d1ba5321354c4b77898f
750adbcdb929dc3e8a56318ce17088877980d77119e2bb8b5cdaac33a7098aa0
7571605de47e3db8fb44c70fce8006953f4a0dc9da5e977a4854a3e818aec509
7cb088fddc828d4f3d5b11ecd196c7c673866a83d39ac07f132355db9d4bfd3c
80dda122ffbd6798f6854c78267fa4d2279a0c54846f1af93bb842c7320f2bfa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835ddc3354ced95a191e577a804523613b09b03c4925ff442642b7e3ea442d67
8455c1c2d1cfbcc4d91725ec2d6ff649c6479110951dac890fdf6bb9da74ba5f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c6dc32d121be2319e6605e1f583ef12a9d76a9d0d68ab1a6dd76049e35d87a4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de73b8c9c9d8b3359c9e50a046f1cc12277e3fbbe4f19c8d47434b2fdccebe8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b69708c866676e9c188a7727e93b0c10d9e4c37945f1a8490ed6a24d692f8bc
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e9efcb83c65b19c1e5beda26cfd017576e8ed57bd67876ca87f7634ffc8bf8e
9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a
a263eac2ad4afa7f7c974e9676e0fb60bc735b450b57ce30f08bd37a575d5e5f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb133c87b954e77329aa7376df52104348a19d8eb30ecccb8570bd69265d467
afc4a1c86ef38afcfdfcdee55c3e157051f7aabdb86d306e12628d2a4e599993
b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9
b9d5f3f6f18ec7d8d11e99e4d5296910252a92317fcc7526d6838dbee524792d
ba9ddb1d991a2e4a6f444b5b5945847d53d62c4bb5262d85f5161b0e1fe9e37c
bb37ce9c4b4917fa9fb4b0412a37771699b38d156b98215b13d26de3dfe75f8e
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c2c644a60eccc2ba1fac6c2811a352f750fe92acde2cc9a670fbf3b684871977
c8e1eebc02599c9896e78d721eb085cf848d4de35b795b0c704928230ac43d95
c9cf25a98a48403988a8711e9d97d86ee811113453b3b9e659687681b6ef9821
cf0cf3a4991aa017eea8141c9918da7f32a776fcf779f37cdd9505a3c50539d3
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61fd45407ec94fcaf4f11a2a4cb98fc514a45a56d73be14ed0cbe8d896a4f4f
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fab4708422172956dd7b3e03593b6158704e6c1a1cc8a5313e461c166afa5e
ee7e27d33ae3060a2007b7e85cd37f26a4408d152ab58f10a66cd04321f12bcf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a3140679d704bd07329d0768adc05ac21751dd5c558d3b9971ac504b48e79c
f3f80e61346d7e6b9b88a36f1626eca327d5e2001280cd43149fcc33fa69fba6
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f73064591e9e6df9821a3dc41bb43fa707b1b1d98e5612f9049e62c05eb47885
f8728539fc89ba1770ea668fec47fb75aabc367c0508168524a048301e90a5fd
fa696f5f1aa34c6b3b3bd4dd87edcd587ac891fc2c03a68fe9b82f975241ebb2
fa852ae558d81f45f70172edda0888aa0bc9d2a9b8dd0af065c5fdafd2b66404
fe5ed840f07c9503864865d42bca6edc9c34d420aad23b91d864210163124a66
ffb4b4818815b4a60d06ba867cfb18069d85f5743509f17c13d5cb8d437e7be4

k8ccwwesx.live Open in urlscan Pro 2606:4700:3035::6815:2914 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

96 %HTTPS

70 %IPv6

26 Domains

39 Subdomains

31 IPs

7 Countries

2126 kBTransfer

4706 kBSize

34 Cookies

21 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

k8ccwwesx.live Open in urlscan Pro
2606:4700:3035::6815:2914 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

96 %
HTTPS

70 %
IPv6

26
Domains

39
Subdomains

31
IPs

7
Countries

2126 kB
Transfer

4706 kB
Size

34
Cookies

114 HTTP transactions
4 data transactions