hot.tinnendoc.com Open in urlscan Pro
2606:4700:3030::6815:27ec Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat...
Submission: On December 03 via api (December 3rd 2023, 9:56:56 am UTC) from US — Scanned from DE

Summary HTTP 332 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 59 IPs in 9 countries across 39 domains to perform 332 HTTP transactions. The main IP is 2606:4700:3030::6815:27ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is hot.tinnendoc.com.
TLS certificate: Issued by E1 on November 7th 2023. Valid for: 3 months.

This is the only time hot.tinnendoc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:303... 2606:4700:3030::6815:27ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
19	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:3068	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:31fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	123.30.175.44 123.30.175.44	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
11	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	104.19.131.72 104.19.131.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	104.19.128.72 104.19.128.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:297f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.218.208.200 23.218.208.200	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2400:52e0:1e0... 2400:52e0:1e00::1076:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2400:52e0:1e0... 2400:52e0:1e00::1049:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
1	170.187.252.201 170.187.252.201	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	123.30.175.112 123.30.175.112	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	18.133.129.135 18.133.129.135	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20f... 2600:9000:20fc:3600:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
26	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
20	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	192.46.215.171 192.46.215.171	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
8	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a391	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.218.208.187 23.218.208.187	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
6 8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
2 7	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4	65.21.20.220 65.21.20.220	24940 (HETZNER-AS) (HETZNER-AS)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
31	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
6	65.21.233.19 65.21.233.19	24940 (HETZNER-AS) (HETZNER-AS)
10	2400:52e0:1e0... 2400:52e0:1e00::1053:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:26d... 2600:9000:26db:f800:15:157b:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:401... 2a00:1450:4019:808::2003	15169 (GOOGLE) (GOOGLE)
1	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE)
4	23.218.209.154 23.218.209.154	16625 (AKAMAI-AS) (AKAMAI-AS)
332	59

27 2606:4700:3030::6815:27ec (United States)

ASN13335 (CLOUDFLARENET, US)

hot.tinnendoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3068 (United States)

ASN13335 (CLOUDFLARENET, US)

media.phunutoday.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:31fd (United States)

ASN13335 (CLOUDFLARENET, US)

tag.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.30.175.44 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: coccoc.com

static.adconnect.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.131.72 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.19.128.72 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:297f (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2400:52e0:1e00::1076:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1049:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
unibots.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.187.252.201 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 170-187-252-201.ip.linodeusercontent.com

api.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 123.30.175.112 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: coccoc.com

ssp.qc.coccoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.129.135 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-129-135.eu-west-2.compute.amazonaws.com

spadsync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20fc:3600:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.46.215.171 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 192-46-215-171.ip.linodeusercontent.com

newsbot.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:1b::1724:a391 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-187.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.52 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.21.20.220 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.220.20.21.65.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 192.229.233.6 (Marlborough, United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.21.233.19 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.233.21.65.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2400:52e0:1e00::1053:1 (Germany)

ASN200325 (BUNNYCDN, SI)

stream.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26db:f800:15:157b:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img01.ztat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4019:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.218.209.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-154.deploy.static.akamaitechnologies.com

svastx.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	357 KB
41	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6785 cdn.revjet.com — Cisco Umbrella Rank: 6853 pix.revjet.com — Cisco Umbrella Rank: 5801	3 MB
31	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 pubads.g.doubleclick.net — Cisco Umbrella Rank: 414 bid.g.doubleclick.net — Cisco Umbrella Rank: 840	318 KB
27	tinnendoc.com hot.tinnendoc.com	1 MB
23	unibotscdn.com cdn.unibotscdn.com — Cisco Umbrella Rank: 30330 stream.unibotscdn.com — Cisco Umbrella Rank: 43289	3 MB
23	steepto.com cdn.steepto.com — Cisco Umbrella Rank: 121713 s-img.steepto.com — Cisco Umbrella Rank: 90618 cm.steepto.com — Cisco Umbrella Rank: 80694	382 KB
19	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 9066 c.mgid.com — Cisco Umbrella Rank: 7275 servicer.mgid.com — Cisco Umbrella Rank: 9134 a.mgid.com — Cisco Umbrella Rank: 13689	496 KB
15	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	71 KB
15	gstatic.com fonts.gstatic.com csi.gstatic.com	132 KB
10	adnxs.com 4 redirects cdn.adnxs.com — Cisco Umbrella Rank: 1605 ib.adnxs.com — Cisco Umbrella Rank: 229 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997	34 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
8	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	134 KB
4	moatads.com svastx.moatads.com — Cisco Umbrella Rank: 2939 z.moatads.com — Cisco Umbrella Rank: 653 px.moatads.com — Cisco Umbrella Rank: 594	139 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
4	unibots.in cdn.unibots.in — Cisco Umbrella Rank: 46927 api.unibots.in — Cisco Umbrella Rank: 65833 newsbot.unibots.in — Cisco Umbrella Rank: 52695	141 KB
3	ztat.net img01.ztat.net — Cisco Umbrella Rank: 33606	26 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	398 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 60	16 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	792 B
3	coccoc.com ssp.qc.coccoc.com — Cisco Umbrella Rank: 103091	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	267 KB
3	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 11711	271 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	369 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	553 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	309 B
2	adbro.me tag.adbro.me — Cisco Umbrella Rank: 25395	11 KB
2	phunutoday.vn media.phunutoday.vn — Cisco Umbrella Rank: 332356	104 KB
1	b-cdn.net unibots.b-cdn.net — Cisco Umbrella Rank: 46663	1 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4453	36 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	spadsync.com spadsync.com — Cisco Umbrella Rank: 51076	90 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6331	215 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 544	63 KB
1	adconnect.vn static.adconnect.vn — Cisco Umbrella Rank: 188936	12 KB
332	39

	Domain	Requested by
31	cdn.revjet.com	ads.revjet.com srcdoc
27	hot.tinnendoc.com	hot.tinnendoc.com
26	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com www.googletagservices.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com
19	s-img.steepto.com	hot.tinnendoc.com
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
13	cdn.unibotscdn.com	hot.tinnendoc.com
11	fonts.gstatic.com	fonts.googleapis.com
10	stream.unibotscdn.com	cdn.unibotscdn.com
9	jsc.mgid.com	hot.tinnendoc.com jsc.mgid.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com pagead2.googlesyndication.com
7	ad.doubleclick.net	2 redirects 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com srcdoc svastx.moatads.com
6	pix.revjet.com	srcdoc 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	securepubads.g.doubleclick.net	1 redirects hot.tinnendoc.com securepubads.g.doubleclick.net 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
5	85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	servicer.mgid.com	jsc.mgid.com
4	csi.gstatic.com	imasdk.googleapis.com
4	ads.revjet.com	85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com ads.revjet.com
4	www.googletagservices.com	85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
4	id5-sync.com	cdn.id5-sync.com cdn.unibots.in
4	cdn.id5-sync.com	jsc.mgid.com securepubads.g.doubleclick.net
3	img01.ztat.net
3	ams3-ib.adnxs.com	85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com cdn.adnxs.com
3	s0.2mdn.net	85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com imasdk.googleapis.com
3	www.bing.com	1 redirects 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
3	ssp.qc.coccoc.com	static.adconnect.vn
3	www.googletagmanager.com	hot.tinnendoc.com www.googletagmanager.com
3	cl.imghosts.com	hot.tinnendoc.com
3	c.mgid.com	hot.tinnendoc.com
2	svastx.moatads.com	imasdk.googleapis.com tpc.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	www.googleadservices.com	85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
2	imasdk.googleapis.com	hot.tinnendoc.com imasdk.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	a.mgid.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com cdn.unibots.in
2	oajs.openx.net	1 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.unibots.in	hot.tinnendoc.com
2	cm.steepto.com	jsc.mgid.com
2	cdn.steepto.com	hot.tinnendoc.com
2	tag.adbro.me	hot.tinnendoc.com
2	media.phunutoday.vn	hot.tinnendoc.com
1	px.moatads.com
1	z.moatads.com	svastx.moatads.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	unibots.b-cdn.net	cdn.unibotscdn.com
1	mug.criteo.com
1	cdn.adnxs.com	85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
1	adsdk.microsoft.com	85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
1	newsbot.unibots.in	hot.tinnendoc.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	spadsync.com	cdn.unibots.in
1	api.unibots.in	hot.tinnendoc.com
1	pro.ip-api.com	hot.tinnendoc.com
1	ads.pubmatic.com	jsc.mgid.com
1	static.adconnect.vn	hot.tinnendoc.com
1	fonts.googleapis.com	hot.tinnendoc.com
332	66

This site contains links to these domains. Also see Links.

Domain
unibots.in
mysterythemes.com

Subject Issuer	Validity	Valid
tinnendoc.com E1	`2023-11-07` - `2024-02-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
phunutoday.vn E1	`2023-10-05` - `2024-01-03`	3 months	crt.sh
adbro.me GTS CA 1P5	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.adconnect.vn AlphaSSL CA - SHA256 - G4	`2023-09-05` - `2024-10-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cl.imghosts.com Cloudflare Inc ECC CA-3	`2023-10-03` - `2024-10-02`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
cdn.unibotscdn.com R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
cdn.unibots.in R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh
api.unibots.in R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.qc.coccoc.com AlphaSSL CA - SHA256 - G4	`2023-06-22` - `2024-07-23`	a year	crt.sh
www.spadsync.com Go Daddy Secure Certificate Authority - G2	`2023-02-20` - `2024-03-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
newsbot.unibots.in R3	`2023-10-25` - `2024-01-23`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2023-11-05` - `2024-11-11`	a year	crt.sh
stream.unibotscdn.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
img01.ztat.net Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Frame ID: 258AB0593C5DF5AFFBEED1C0F14290DB
Requests: 183 HTTP requests in this frame

Frame: https://jsc.mgid.com/t/i/tinnendoc.com.1514895.es6.js
Frame ID: 69B6E93216ABD485387F047D4D3936F2
Requests: 8 HTTP requests in this frame

Frame: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 20F181F90608D86E898D0D49DA65C614
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9E0012755D28AE23B04A36F58A96B2CE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6FD25B02CE780B9C85F9E30F58D25AA4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C20BC285E5BD0E81643FF82321BAC3C9
Requests: 2 HTTP requests in this frame

Frame: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A18274DC57974164B0F445E8B8845B37
Requests: 19 HTTP requests in this frame

Frame: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4951F51771A05F6D5CD9B47C7A7301D9
Requests: 12 HTTP requests in this frame

Frame: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AC5C55AEFEA36BD0754CE5C4E2CEF71C
Requests: 14 HTTP requests in this frame

Frame: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 72904585E3CF53E10F0D7472D0E4489B
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGJXD3d4BMAE&v=APEucNWgWXcrkMb8HssEAflSSOJUUGyw0dmlvHYUrecmPix_usZpEJ2nZt6Bj_ugTYdez5oTTQtFR0GriE-cBtrfNa_uNdBJvXnWDKjR0xxRKYYlSZp_Df3CFSXpPiHsC2vQ4OLgZh17jMy5Q9gmRFpNA7tCF4nf6fCUbzWC_r1EqiBOILc3TANBg0uYhl6wDXt01l4sSqZ6heK5l3Zvp_cly72_fPS8JA
Frame ID: 5E4315E44561ABB28B32791A67C75F80
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNUI-KmVKgIMU-kEoD__GhXeC5sxhbJj-wB1-wv0xsneR4Tf2T7OjYSGjd8Z44ZO-Agwlz-vYdmTUwDiDOIR-pBJpALz9Z-FFphx_YQzuIJ3TIOkw_PWFJffNlpfES5x_3f2qLVyrcaFHiCoi-v06E5XrA2ungzQcS1WIuO4JoUhrfugPNWHGqG68nKFKLGTMzhYMLSFsECwI7gVEKBE39GJdZic5g
Frame ID: 20B375247F9643EB24A4E568ABB1362A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 101DAA3CB2FD9F4552F2406F5BFC0E8F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9E4FF3AEC4E5923DD12C0CBEA18B46C0
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hot.tinnendoc.com&us_privacy=1---&gpp=&gpp_sid=-1
Frame ID: 87ED658DE8FA2E02913CA212505920EC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3814D7749112054AF0EA692E3CDE1D62
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
Frame ID: 903B92C4E21C28E1E6D5E46874717395
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
Frame ID: 851092CCC24AB602258D222B2B97D7EA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: 37BFDAA229C3589B0B3D1FE4D0B63B27
Requests: 25 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: EBB8EE8551C9D2B82B1879BB86F9E697
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: AE384E83EFC25A8D3AC69F7DD1BF8085
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 171DD8A5B884EB739C7E79601E368E97
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://svastx.moatads.com/iprospectdekelloggsvpaid504439310313/moatwrapper.js%23vast=https%253a%252f%252fad.doubleclick.net%252fddm%252fpfadx%252fN6772.3821858DV360-AMNET%252fB30550615.376265360%253bsz%253d0x0%253bord%253d366042418%253bdc_lat%253d%253bdc_rdid%253d%253btag_for_child_directed_treatment%253d%253btfua%253d%253bdc_tdv%253d1%253bdcmt%253dtext%252fxml%253bdc_sdk_apis%253d2,7,8%253bdc_omid_p%253d%255bOMIDPARTNER%255d%253bdc_vast%253d3%253bgdpr%253d%253bgdpr_consent%253d%253bdc_mpos%253d%255bBREAKPOSITION%255d%253bltd%253d&level1=30550615&level2=DV360%2520-%2520Amnet&level3=376265360&level4=vpaid_creative_unit&slicer1=undefined&slicer2=undefined&slicer3=undefined&pcode=iprospectdekelloggsvpaid504439310313&spvb=1&vz=366042418&apif=2,7,8&zMoatDcVastUrl=$%257bDC_VAST_URL%257d&zMoatADV=10043497
Frame ID: D76BF523ADB9DB3C3B071BC419C6F78E
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Từ nay trở đi: Ai đi xe không chính chủ cần mang theo 4 loại giấy tờ này, nếu không muốn CSGT phạt nặng

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

332
Requests

89 %
HTTPS

55 %
IPv6

39
Domains

66
Subdomains

59
IPs

9
Countries

11357 kB
Transfer

19300 kB
Size

29
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://unibots.in/

Search URL Search Domain Scan URL

URL: https://mysterythemes.com/
Title: Mystery Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129

https://oajs.openx.net/esp?url=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&rid=esp&cc=1

Request Chain 174

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=472b748b-3773-41fc-8120-8fbe1435d9ff&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=cf607b85-2aa0-49f1-aa86-881b49f9ff4c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%286-0%29%3F%26RG%3Da5f34b8ca8f244e7a46d53fbc702f171%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6933&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=707219912205915533&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(6-0)?&RG=a5f34b8ca8f244e7a46d53fbc702f171&SNR=1&GV=2&med=10

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1

Request Chain 190

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWxQ4jADOnQCXnJZlfRdLAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGH11ir4RHkVHIrjEgcdyOQ&google_cver=1

Request Chain 192

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NTg3NzM3OTUyNDM4MDQ3Mg%3D%3D

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWxQ4lUZfCNnainF6mJE8wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGH11ir4RHkVHIrjEgcdyOQ&google_cver=1

Request Chain 196

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NTg3NzM3OTUyNDM4MDQ3Mg%3D%3D

Request Chain 209

https://securepubads.g.doubleclick.net/pagead/adview?ai=CqxSF4VBsZZO2Eaak1PIPk82ouAiEpPOhc-eq99jREYXdo6fZAhABIJzO83tglfKLgpgHoAG8g7b8KMgBBqkChxZyOYpCsj6oAwGqBKYCT9BKyVL-_7m-rKlDxa6T6_Sy-cG8Co28Fw1pggHek2KxI672hP-rUy1HnehVHGKZB3wvhjyn1c9J83tE-wL_SwttFdI_WAafrDbvr9D8GU9WjyJkUOwGXZ47Dr3RYaSZMzYWAluuwqqlP9c-jrhKQJYcynFhBfXBw09zD4QG0_KPHzMEa8JNBLV-iFlNMZaE1H_3Mp4A-X1A_vAB8Zb2aXPQYUt_yVqDBkWFT79jQGlt5SLoqDq7sInM42BDR3Fn6venB31Fo81WRAvUxyQogRA8DHCAtKuyHgxHG9-NExy9u7aXTxnsDPbl8QbLs4A6XYn_-RglKd_xnuClC4CSuvtUkGfgrL-uNZC7Ql5zyhZ394VPs37F8Blp_3u7BtIga9Q-hMeUwASOxemdjQTgBAOIBYy1y5xFkgUGCAMQARgBkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAe8u4bcA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKEIOZIRjlxvzzAdIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYpdCDqYDzggOaCcYBaHR0cHM6Ly9xb250by5jb20vZGUvb3Blbi1hbi1hY2NvdW50P3V0bV9zb3VyY2U9amVsbHlmaXNoJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249ZGVfcHJvc3BlY3RpbmdfZ2VuZXJhbCZ1dG1fY29udGVudD1wcm9zcGVjdGlvbl9jb250ZXh0dWFsJnV0bV90ZXJtPWltYWdlX2J1c2luZXNzLWFjY291bnRfbmF0aXZlLXY0LTEyMDB4NjI3gAoDyAsBogwQKg4KDOS0sQLutbECtbixAuINEwiLyoSpgPOCAxUmElUIHZMmCoewE97M3hXIE7WkreED2BMNiBQD2BQB0BUBgBcBshceChwIABIUcHViLTEyMDMxNDk1NDUyMjQyMDgY-OR1&sigh=QHTb3TQYMJ8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB&template_id=509&vt=10&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210807751212502091432%22,%22debug_reporting%22:true,%22destination%22:%22https://qonto.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210998350268%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227216537059207594737%22}&andc=true

Request Chain 218

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 240

https://gum.criteo.com/sid/json?origin=publishertagids&domain=tinnendoc.com&sn=ChromeSyncframe&so=0&topUrl=hot.tinnendoc.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Vn65o3xpMXU2eFF4cDY5RVF1TVJtT1l5azYzMTI3azdmeWJhczkwS045R3MzV3Eya3Q5SmNraHF0NlhTZllUVTNwRGt5eFJ2ZUowSlF5Q3VDMURoRUx1NDlLLzVKN3FPMXE0d2sxMHdHZHhvVzFZQTVETkljSnlMQ1BOb0MzemtZY0Z5UW9ya0JzZWxKUEJjazhPMlNjY0xoTUUrNStQNVZJRThTY0JreXViQlM3SWFzZHhNek45OEpMV3lnTStuZ0grcGFRa1k4WFFiVTQwVnVyZkQxbUpJNFNzSFBYZ3lRNElVM0xBM2hjRk0wRjVoVG1Hc1dlUFM4SXlZeWRaYkZOV1BYbDVIU3JiMlFBUlVLSTNTNWRZT05CUT09fA&cppv=2

Request Chain 251

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701597410519 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=CNyF1amA84IDFRnHdwodv0gPYQ;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701597410519

Request Chain 259

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506031;dc_trk_aid=548515270;dc_trk_cid=185781921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701597410520 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506031;dc_pre=CISM2KmA84IDFYif_Qcd20wD7w;dc_trk_aid=548515270;dc_trk_cid=185781921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701597410520

332 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/ 64 KB
17 KB 1079ms
1027ms Document
text/html 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00c17bae700b4235e485b3616e1d043ccc97f849bc567ee13a1c8dad25497178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82faf10568425b9e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 09:56:46 GMT
last-modified: Sun, 03 Dec 2023 09:28:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yt1nZpPM6F2BsfR2H6C8BYftSa3cDzXY4OSbbIm%2FKrFMWgPsSdFJT%2BhI8Ji%2FQxYh4VHK0%2FM4hEj0IFVZMhO3%2B7v97qBXR6oGF6wVSeSCHOlvWusI%2FjKhyv5IHhs%2FSezuQroCmQU7HOYZKN%2BP7XvUgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 style.min.css
hot.tinnendoc.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 18ms
16ms Stylesheet
text/css 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1

Requested by

Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 03:14:00 GMT
server: cloudflare
etag: W/"654afcf8-1add3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gquuo6A8hk3WxiWm95A1hGOdd%2F%2F%2FnQjdftJIgSny8EkylRxpG56RDolCs0bnu4Ukbu%2F3TBW5fVkUXcn6D8ClCCugBVRC6LzmJHoGkvnA%2BRivtIEpQMrxFqmQdsjROpcyYugWRdInT6kOhMNfdkLWFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82faf10bdd015b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 61ms
27ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300italic%2C400italic%2C700italic%2C400%2C300%2C700%7CRoboto%3A300%2C400%2C400i%2C500%2C700%7CTitillium+Web%3A400%2C600%2C700%2C300&subset=latin%2Clatin-ext&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a27432eabcee058a7014c04062dffc9cedb33ef2dbe98eac12dc3dc2e742462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 09:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 09:56:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 09:56:46 GMT

GET
H2 200 font-awesome.min.css
hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/library/font-awesome/css/ 31 KB
7 KB 20ms
18ms Stylesheet
text/css 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/library/font-awesome/css/font-awesome.min.css?ver=1700834388

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5393771772c1bd3c3284c9d47637aa92ae5505c0b464607c816cf381d84bc2e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 24 Nov 2023 13:59:48 GMT
server: cloudflare
etag: W/"6560ac54-7ad1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CadsnIOkFDESouFSFjnPxVsWpw2oiXLMTABZW10%2BPSlksE4mtWH714AGeiFQSWQHlDJMILBxeXCHg4hy%2B5Cmr5bl%2BwK%2BZubrAdGuXxmtQ5li9EtzMEnbvdE%2FZdgRaGnFGTobNPBhwvh2d8sEbckmzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82faf10bdd045b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 lightslider.min.css
hot.tinnendoc.com/wp-content/themes/news-portal/assets/library/lightslider/css/ 5 KB
2 KB 19ms
17ms Stylesheet
text/css 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/themes/news-portal/assets/library/lightslider/css/lightslider.min.css?ver=1.1.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cf0d589127ea8b98dac129f74506b8a199d7b613cab0cf586ae95ee69428a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 03:16:35 GMT
server: cloudflare
etag: W/"632d2513-15a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZAo6izbZzrgAV2V6Eho9LHkGaSOyPRCHOmkPzhHha9qVtiZ6OquwTxunvU8JLVEwnEiyhkzMk9FBaCNNLk%2Fqv68pudxQeny9WKwZsT%2BU8SECUAhhAAtyfAQVg%2B1f20%2B11IH0zsILKENLwvGxeSM8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82faf10bdd075b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 style.css
hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/ 42 KB
9 KB 20ms
19ms Stylesheet
text/css 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/style.css?ver=1700834388

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60c0ec445e43c977bbf021f011c538db585842442f5ee858682f3ab3016d1c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
cf-polished: origSize=42954
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 13:59:48 GMT
server: cloudflare
etag: W/"6560ac54-a7ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2bOh8SIt3aEIRRt3sIjKfh7BQCMrbXxvkOIBuz%2FHgYti%2B1gJWtjn8sm5TMTVmZ5GuR%2BbDIV5Yzk4rH1%2BDfR0SD%2FQO1lAGIC13%2BIpGtclqv2%2Bc7hazQ1r4oiTOjIRKt5gbYR6CtufIzMGgpTvhPqAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82faf10bdd085b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 np-responsive.css
hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/css/ 7 KB
2 KB 21ms
20ms Stylesheet
text/css 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/css/np-responsive.css?ver=1700834388

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faed53a6f9fc1eaad51969d10a543b28278ca417f8f0d1c61284962782ef20c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
cf-polished: origSize=7111
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 13:59:48 GMT
server: cloudflare
etag: W/"6560ac54-1bc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZvaJP2pn5kcjQAtASgz2QtLV5MHPOCZynoxa4TN5ca%2BZJdmXN1Hf4mCSE0Dq5fi94faTzEVAWEpe0g6h24XwxQFvlXtTIDSQ4ktVbrW3wrHDq2PuvsAw4TDSdaJFeg63zTQzNtHHBuc9Y%2FmEkDpTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82faf10bdd095b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 jquery.min.js Show response
hot.tinnendoc.com/wp-includes/js/jquery/ 86 KB
31 KB 22ms
21ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 03:14:00 GMT
server: cloudflare
etag: W/"654afcf8-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lJovMUGhVKFTFcQSfREuRmurw4NOKByeIT8WWHuyLNbmNvn5hHHaUqt4se9QDoo751e5sj4n76g0jXSSrcyVXwDrdpsMrC7kY1uQUz93klwdye5w0WzUgYl0aZtDHQMNy0xlptDbNLjdGLAR2tl0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf10bdd0b5b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 jquery-migrate.min.js Show response
hot.tinnendoc.com/wp-includes/js/jquery/ 13 KB
5 KB 1059ms
1058ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Aug 2023 03:13:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64d3046e-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHQFNPyrZWsMKdGj2QSjIUSLAF0U3xbyEdGcOUiwAi0lDEvH0X06nR8luAY3Xh1jewKqqajSd5w%2F7BxcvkjAN0%2FETuV1gFAJbwn8KYUjZFPmdIq8BhdGTZeMtqBcghpIzj4PSL9c33EHbZP%2B5bWZbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf10bdd0c5b9e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Dec 2023 21:56:46 GMT

GET
H3 200 player.js Show response
hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/ 283 KB
102 KB 511ms
511ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4d7a10361dc63d3a8ebdfde96a9848e2a9968b3cb78ffbaee9c6b877bd74a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36534
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 13:59:49 GMT
server: cloudflare
etag: W/"6560ac55-46a98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSJY3pQpSLbLgEpFrm4biTaz8Y3UpOqw2Rq0BqPmpG8COHzQjE%2BdXLqZ9QlpLB6kqaj4DE%2BXhh5ZqSh71tyZFSObPhQ2QuQSSvzuKt6a8e5X%2FTtWEdu%2B%2BlILnOXNC7TwzBGYeCHIHQJIA1bPntDT0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf1134c34f6c5-NRT
expires: Sun, 03 Dec 2023 11:47:53 GMT

GET
H3 200 hb.js Show response
hot.tinnendoc.com/wp-content/cache/min/1/headerbidding/common/ 90 KB
35 KB 1010ms
1010ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/cache/min/1/headerbidding/common/hb.js?ver=1700834389

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce82683c599088d469c58e316c366d1922f0bfb887ce22b48ec2d4aa26f989ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36534
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 13:59:49 GMT
server: cloudflare
etag: W/"6560ac55-16913"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rL7cLvEPvqPKOchAb054blnx3jIkYGtb266qH3reFY454xGjf2vj8c4L8tzcFlulSYHzrBHTyPOlUjgCkVYbZCYNrn%2F7gDcCU9HucksYzXSeDryqnjSF697JfV%2BCMtmda46DNxToqsib3mmd50XsWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf1134c40f6c5-NRT
expires: Sun, 03 Dec 2023 11:47:53 GMT

GET
H2 200 Screenshot_149.png
hot.tinnendoc.com/wp-content/uploads/2023/11/ 576 KB
577 KB 1288ms
1288ms Image
image/png 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hot.tinnendoc.com/wp-content/uploads/2023/11/Screenshot_149.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ffbc4ab41fea680a0df5bcbd1804c9d2d3baa572eee8c69235742cf5d390c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 590287
last-modified: Wed, 29 Nov 2023 00:59:42 GMT
server: cloudflare
etag: "65668cfe-901cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnNs%2FCMhqps9P3qLHj%2F%2B4axkZsMMLcWxJ0iy76H3fgz0SrfCFZSbd5yKn6N8MPLtXDkJSx8Jo4pOt8v3ILw%2Fw9VXotFyeETjvdM4anucdKZggqMPTVWygjJFy1vTbg9vO4gjpy1kYZgsPn5dP4Dq2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82faf10bdd0d5b9e-FRA
expires: Tue, 02 Jan 2024 09:56:46 GMT

GET
H2 200 hot.tinnendoc.com.1452359.js Show response
jsc.mgid.com/h/o/ 4 KB
2 KB 728ms
689ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/h/o/hot.tinnendoc.com.1452359.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

207f0edcb6683eb56058120817f430ef1ea03a232843989320dbf7ee845384c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
x-amz-version-id: 2iJU0v4WmuKflAAHbMz3TyHyywc_VzAY
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: MTMYSYX1MGCFPXAQ
cf-polished: origSize=3774
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kWLypPvMR1ImWqB3u2pWtrOd5nX2n2qqOCgklFW4Xrgdh3lH/kiJDqwCHDhOSHNr4OQuVmt1hNOAm34SfxoKeQ==
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:16:28 GMT
server: cloudflare
etag: W/"f0ab65962566659576e602f1cb816efd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82faf112bb38b790-AMS
expires: Sun, 03 Dec 2023 12:56:47 GMT

GET
H2 200 tu-nay-di-xe-may-khong-chinh-chu-nguoi-dan-can-mang-theo-4-loai-giay-to-nay-1332.jpg
media.phunutoday.vn/files/content/2023/11/12/ 53 KB
53 KB 329ms
298ms Image
image/webp 2606:4700:10::6816:3068
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.phunutoday.vn/files/content/2023/11/12/tu-nay-di-xe-may-khong-chinh-chu-nguoi-dan-can-mang-theo-4-loai-giay-to-nay-1332.jpg
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3068 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1456dcaca3f64a8d541fbe5230f8841adfdfdf917a6e1ddef68ec75e817bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 15 Nov 2023 02:28:06 GMT
date: Sun, 03 Dec 2023 09:56:46 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=350260
x-guploader-uploadid: ABPtcPo8vbbXW3wO_zkZOOUq6EDtgoibrdeXStRymnMQOa8k0dlaTcs7cIZuFL5DZjEvUpGVqIA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="tu-nay-di-xe-may-khong-chinh-chu-nguoi-dan-can-mang-theo-4-loai-giay-to-nay-1332.webp"
alt-svc: h3=":443"; ma=86400
content-length: 53868
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Nov 2023 06:32:40 GMT
server: cloudflare
etag: "6c3b21608014d444fca12c51e246bb0a"
vary: Accept
x-goog-generation: 1699770760995263
content-type: image/webp
x-goog-hash: crc32c=27wBEQ==, md5=bDshYIAU1ET8oSxR4ka7Cg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 350260
accept-ranges: bytes
cf-ray: 82faf10c0f741c1c-FRA
x-proxy-cache: MISS

GET
H2 200 xe-khong-chinh-chu-can-giay-to-gi-0827.jpg
media.phunutoday.vn/files/content/2023/11/26/ 50 KB
51 KB 977ms
946ms Image
image/webp 2606:4700:10::6816:3068
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.phunutoday.vn/files/content/2023/11/26/xe-khong-chinh-chu-can-giay-to-gi-0827.jpg
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3068 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a472105a534660ddd70cb0d81544fb82d0f0a8ca7e4bd24245942223b947248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Sun, 03 Dec 2023 09:56:47 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=388274
x-guploader-uploadid: ABPtcPqomWsamarm_EnL55NukeK1i2WP1FipO4Enfcid2L0vYDIz9HU4kRBk7NF1RAHGzr_J3tEzYc0Zzg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="xe-khong-chinh-chu-can-giay-to-gi-0827.webp"
alt-svc: h3=":443"; ma=86400
content-length: 51454
cf-bgj: imgq:85,h2pri
last-modified: Sun, 26 Nov 2023 01:27:25 GMT
server: cloudflare
etag: "40ce637c5e36e3c02667bb215298463c"
vary: Accept
x-goog-generation: 1700962045016790
content-type: image/webp
x-goog-hash: crc32c=ojuBUg==, md5=QM5jfF4248AmZ7shUphGPA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 388274
accept-ranges: bytes
cf-ray: 82faf10c0f731c1c-FRA
expires: Sun, 26 Nov 2023 02:27:25 GMT

GET
H2 200 hot.tinnendoc.com.1450635.js Show response
jsc.mgid.com/h/o/ 4 KB
2 KB 453ms
414ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/h/o/hot.tinnendoc.com.1450635.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f45ad37f2408a41741a5195f2790dfc907a984455fdd81b49286ea94a5045be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
x-amz-version-id: wHJRuDovbGjZOcy6I0qsaI2Mwa5ezrcj
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: W4DXZJBVMXYB93WY
cf-polished: origSize=3774
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8KxA+d7BT5r0wiYMrOutpT9cLHrSafs+aAYVxpmn55xweztBCL/qh4LS0Pm719iV6HbgvY9v0ZZN2j+Asx82fJRJMYzdGaElCkv64EvGF2g=
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:21:09 GMT
server: cloudflare
etag: W/"eac1a956811121f2743fcb1885a047d7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82faf112bb34b790-AMS
expires: Sun, 03 Dec 2023 12:56:47 GMT

GET
H3 200 tinnendoc.com.1453799.js Show response
hot.tinnendoc.com/wp-content/cache/min/1/t/i/ 4 KB
2 KB 261ms
260ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/cache/min/1/t/i/tinnendoc.com.1453799.js?ver=1700834505

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6193e6bd2040374c6402698c2d02ead6017511945260c5cd67ee2b41499bf75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36534
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 14:01:45 GMT
server: cloudflare
etag: W/"6560acc9-e7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCOSAek0FVYCdb9HrpweDfBojZcChX98gEo%2FULHTV4PaCM8Ar9ga5EG2Htgw1g60Bm5sQkBW%2BTXnoO7ykbHfzmyorK6ANK9%2Bi8rw43QLRJekHyLMshQC3DkM8KI0jGQ10eRimqnccjvJfr5WhzhmLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf1134c43f6c5-NRT
expires: Sun, 03 Dec 2023 11:47:53 GMT

GET
H2 200 hot.tinnendoc.com.1449909.js Show response
jsc.mgid.com/h/o/ 4 KB
2 KB 243ms
205ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/h/o/hot.tinnendoc.com.1449909.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddc6edce54d8c476571435a0f626d9fb52fc187fa002067bbb6c961da5974eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
x-amz-version-id: M2FRmbVK6Uj0FMmfQleeH.lMBgrfAAZo
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: MTMJ268PC6ZMBNKX
cf-polished: origSize=4111
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ARsyJF4PPXSkNP7gD6Bjv0koIsAFla+KMJHw7YxQWBKyiYxLX4/hnb+Ltp8ClfhrcMxj2SDcFjo=
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:12:07 GMT
server: cloudflare
etag: W/"6b36dd8ba60bceba1e0c092fea6a6379"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82faf112bb39b790-AMS
expires: Sun, 03 Dec 2023 12:56:47 GMT

GET
H2 200 navigation.js Show response
hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/js/ 1 KB
1016 B 16ms
16ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/js/navigation.js?ver=1700834389

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31920b5f996493691041f09e041678711f4fcdc79031a64bace197cc19c5cbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
cf-polished: origSize=1368
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 13:59:49 GMT
server: cloudflare
etag: W/"6560ac55-558"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvuX%2BKNgdAIF8Hnda4UPDI7jDo2mCJXKblz3aPPFxhh8t9Zvi0opNH8cUkbNV3KntMMKy5%2BqRHRpjPo%2BZLM106YCtc%2BdHtU1lI2Xm6rklxmN4EkdZ%2By%2Fjh1z1oVnVVH4ZrzNqYUKUH9vOv9aK8KWwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf10dee555b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 jquery.sticky.js Show response
hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/library/sticky/ 4 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/library/sticky/jquery.sticky.js?ver=1700834389

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65a5a9b2d5aee687f78c896e2b63e4ece89167952caed36d43e53d3464878aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 13:59:49 GMT
server: cloudflare
etag: W/"6560ac55-fc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTK4DSHC90O9a8GYzU8dLDq6YNpkns%2FUAp%2BIvrqcRSPAfKWiji42iRgBNNccw29f%2BGriBNupduI5XKCrMEkZsldBpawWbahE3X%2Fed6A4SoakRlJIfhL4i9N%2F%2F%2FEvt9KdeUnH9MPTawijfvw%2BzARtFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf10e0e725b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 skip-link-focus-fix.js Show response
hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/js/ 418 B
566 B 16ms
15ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/js/skip-link-focus-fix.js?ver=1700834389

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6c38ab272af9d44cb5021bcb6e2ea26f42e4ce2b0bae5439fa53037bdd5260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 13:59:49 GMT
server: cloudflare
etag: W/"6560ac55-1a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2TjKjAt305GSlwUXt8JSBNCkn%2F7RswPUWsZeN8nAXK1SB7lMN08qy4or881%2Fsm5R%2BRB6jGgapxLSC%2Bk3jsdDhUY5QrGwugFYogV90m%2FIprrch3MqD1yjBgAmaSO413C1n0%2BVkGVH7WMety8qIZgmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf10e1e8f5b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 lightslider.min.js Show response
hot.tinnendoc.com/wp-content/themes/news-portal/assets/library/lightslider/js/ 16 KB
5 KB 15ms
15ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/themes/news-portal/assets/library/lightslider/js/lightslider.min.js?ver=1.1.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f86fbe6f9cda69add588670bf8a9781f83e7ed2fe7b1b07c4172fa6eb080bc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 03:16:35 GMT
server: cloudflare
etag: W/"632d2513-3e9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6Yyhco3bmXvVGxnjqsdnDpDSkXNNAwvz8bdeaTy2bUMyrub0EWPtWCN7nTIiGzsbaNvo2DOZTgHivolgjCIKPfBxMXyO2PThSNCHa9BwaincDjEu3oVhljPd2Bm24QstIXa0yvyKXl1qPOyrpygfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf10e3ea45b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 core.min.js Show response
hot.tinnendoc.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 18ms
18ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 04:01:32 GMT
server: cloudflare
etag: W/"6425099c-53be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViwqECqThg7DVtNL4aSDNBy%2F71CwO8%2FJ7qCOgzp7DVJPcAHo%2BkupOM1qIShqfSkzgidHhRjHMPECM%2F1beCTf%2BXUOva8Ch9%2FEG4TlcTiTQxXjkkyOfjKFa%2BsigwopTHgcenSTLpl8iTQZtdj4LBoH7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf10e5eaf5b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 tabs.min.js Show response
hot.tinnendoc.com/wp-includes/js/jquery/ui/ 12 KB
4 KB 16ms
16ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Nov 2022 03:40:31 GMT
server: cloudflare
etag: W/"6361e6af-2ea1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ngPZD8ILgZJ5ie24Gon54K7cg4h1nXt2gAGlBsFnGp84SbBDERQkxRIZnzxW0g8SDtMa2fmJnWpMzeG5M1zD6ca3QWP%2BXbhLuj1VIqbgPDUqmcPkx5ZNGMKOoY2Xt1%2FCo0YNcZ1nlI2fyzwfWp8RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf10e7ec65b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 theia-sticky-sidebar.min.js Show response
hot.tinnendoc.com/wp-content/themes/news-portal/assets/library/sticky/ 5 KB
2 KB 14ms
14ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/themes/news-portal/assets/library/sticky/theia-sticky-sidebar.min.js?ver=1.7.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb242b5f299cd08ee579ad1b46e13cb235bb595dd10b03fab7dfadfc61103be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 03:16:35 GMT
server: cloudflare
etag: W/"632d2513-1537"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BLfevqGM%2FgW%2FU1YNiIIQiWRpMWunhNFGw1mqxBlG9c2IV6yv2X2aKpleRH8jDcBfGLgvH0tN57Pvq6OO74EtorShLpfHN81ag%2Bprbz9Iievtc9Hbxz%2F%2BG4fLdyVO%2FoZSUBtRtthssfXid9ASn%2BnFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf10e8edd5b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H2 200 np-custom-scripts.js Show response
hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/js/ 4 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/js/np-custom-scripts.js?ver=1700834389

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abdf12e68945f7d97f4e3a4dde432b9676b51c7e23cda89a74003f2f92ed24e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42402
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 13:59:49 GMT
server: cloudflare
etag: W/"6560ac55-106f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ck3UjrQLOK0YSBdYusv%2B2ZRGqmwdXOGhzml%2B5qXfQfOo73Wf%2Fq1Iv9KJufJ2m8NScMpeYBsypojND66XbUdMk1CBNaXvUWq6ViAZDYMg%2FUTgYIk%2Bx%2BBzeOW1bPdHp7Ra%2BTdVSxqSoO4UtCUEoobiyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf10eaef05b9e-FRA
expires: Sun, 03 Dec 2023 10:10:04 GMT

GET
H3 200 comment-reply.min.js Show response
hot.tinnendoc.com/wp-includes/js/ 3 KB
2 KB 260ms
259ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-includes/js/comment-reply.min.js?ver=6.4.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36534
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 03:13:37 GMT
server: cloudflare
etag: W/"632d2461-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuZ9lSj0PDo2vuX74Cu59jfUI9HPC90yhGaeoksMWxtcu2WkPLZs%2BdSqnZLfEFt0lVfcVGHCypbBYZl1JHgD94LPdAo3vV9wPF7X%2B75B6Yqnb2XVucH3WfFmRcDZY0ILY4YLToiSovKMaBV8r1%2B%2FXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf1134c44f6c5-NRT
expires: Sun, 03 Dec 2023 11:47:53 GMT

GET
H3 200 akismet-frontend.js Show response
hot.tinnendoc.com/wp-content/cache/min/1/wp-content/plugins/akismet/_inc/ 6 KB
2 KB 262ms
261ms Script
application/javascript 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1700834505

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

398472186bb1ae9e295e8f469e10d896567b2f88b01eadefba4425e067737b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36534
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 14:01:45 GMT
server: cloudflare
etag: W/"6560acc9-16b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNt7F6p6VO1f8hkYDZfeRnGQKxuHIRPXwuyv7RjTE9WE5WwK2WWu%2B9yVBhwhOPI6iwosVykQ1iGCjJg9hDfSLBMkaF6yShNMJoUV%2BbexHVIrNDYOUwv6qW6wpptWYPqPghINWz2%2BR%2BThAUEHWQuI8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82faf1134c46f6c5-NRT
expires: Sun, 03 Dec 2023 11:47:53 GMT

GET
H2 200 ptag.js Show response
tag.adbro.me/tags/ 33 KB
10 KB 47ms
18ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/tags/ptag.js
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ba59bdfa5df7ac0f5efd3d15e24f89455c8f30e3b8260586c0429b2219c2887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 17:35:08 GMT
content-md5: Kre+pSjv/5704F++6Kckdw==
age: 3510
server: cloudflare
cf-polished: origSize=62811
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 82faf112adbd71d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 w8akyhlu.js Show response
tag.adbro.me/configs/ 1 KB
659 B 387ms
358ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/configs/w8akyhlu.js
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3462a4d284ff854e824066e80d1b5d502ac124c44c7a61328a797b1b130bc74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 01 Nov 2023 15:31:41 GMT
server: cloudflare
cf-polished: origSize=1486
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 82faf112adbc71d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.js Show response
static.adconnect.vn/ 37 KB
12 KB 1544ms
210ms Script
application/javascript 123.30.175.44
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://static.adconnect.vn/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.30.175.44 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

coccoc.com

Software

Resource Hash

c715dc74a62ecfe6e7df293d073c2d42b9e2f867557b4fe7700ee89ad38a70c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 30 Nov 2023 03:51:34 GMT
etag: W/"656806c6-92d9"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF8
access-control-allow-origin: *
adnetwork-cache-max-age: 86400
cache-control: max-age=0

GET
H3 200 menu-shadow.png
hot.tinnendoc.com/wp-content/themes/news-portal/assets/images/ 7 KB
7 KB 259ms
259ms Image
image/png 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hot.tinnendoc.com/wp-content/themes/news-portal/assets/images/menu-shadow.png

Requested by

Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/style.css?ver=1700834388

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97f50780895cb200405df8c7bd49cf19ff8b443e2273064aeb1608b55b43e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/style.css?ver=1700834388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781910
x-rocket-nginx-serving-static: MISS
alt-svc: h3=":443"; ma=86400
content-length: 6925
last-modified: Fri, 23 Sep 2022 03:16:35 GMT
server: cloudflare
etag: "632d2513-1b0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jm5%2BdsyjeFookJN81TpBXaESYomEmStBCGzq4KpFsdH8eAsehxNQKqKXD%2FeSpVfb5XvljWQhgh1hCJRgL3mvcerUnICMGd1MfENYUaajEpBVGewt8iZ38VIqwRrvVoxoxEoAJ%2B%2BY5UIccy%2FLKVSXYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82faf1134c49f6c5-NRT
expires: Sun, 24 Dec 2023 08:44:57 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 112ms
77ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300italic%2C400italic%2C700italic%2C400%2C300%2C700%7CRoboto%3A300%2C400%2C400i%2C500%2C700%7CTitillium+Web%3A400%2C600%2C700%2C300&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 131465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 21:25:42 GMT

GET
H3 200 fontawesome-webfont.woff2
hot.tinnendoc.com/wp-content/themes/news-portal/assets/library/font-awesome/fonts/ 75 KB
76 KB 1029ms
1028ms Font
font/woff2 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.tinnendoc.com/wp-content/themes/news-portal/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/library/font-awesome/css/font-awesome.min.css?ver=1700834388

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hot.tinnendoc.com/wp-content/cache/min/1/wp-content/themes/news-portal/assets/library/font-awesome/css/font-awesome.min.css?ver=1700834388
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Fri, 23 Sep 2022 03:16:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "632d2513-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzO51NXQY0h%2Fcp9wWL%2BJqdzdVd5xvmUq4Z4JGOA3q9eBg%2BYUvpV95tnAt%2BLf9XFYdFHo0wsQwRDYdnQ9GuPdMc63ToaEUGgshW0vwuiMmbeANgH9HqGPdvQ%2BK6kCk9qVoMgMhd42kaff2EyOdPdf5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82faf1134c50f6c5-NRT
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 58ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:28 GMT
x-content-type-options: nosniff
age: 166099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 11:48:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 62ms
28ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:58:11 GMT
x-content-type-options: nosniff
age: 122316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:58:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 83ms
49ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 00:27:48 GMT
x-content-type-options: nosniff
age: 206939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 00:27:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 113ms
81ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:24:13 GMT
x-content-type-options: nosniff
age: 163954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 12:24:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 116ms
84ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:44:06 GMT
x-content-type-options: nosniff
age: 94361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:44:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 101ms
71ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
x-content-type-options: nosniff
age: 41112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 22:31:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 106ms
75ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:57:23 GMT
x-content-type-options: nosniff
age: 129564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5548
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 21:57:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 103ms
74ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
x-content-type-options: nosniff
age: 41112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5604
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 22:31:35 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 84ms
56ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:06:12 GMT
x-content-type-options: nosniff
age: 233435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 17:06:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 78ms
53ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 18:35:47 GMT
x-content-type-options: nosniff
age: 314460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 18:35:47 GMT

GET
H3 200 Screenshot_401-305x207.png
hot.tinnendoc.com/wp-content/uploads/2023/10/ 90 KB
90 KB 1239ms
1239ms Image
image/png 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hot.tinnendoc.com/wp-content/uploads/2023/10/Screenshot_401-305x207.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

255d2272ccc47ae60b8fd1e466f6f32cebe175387fca014ea7c64d620855220f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 91859
last-modified: Tue, 03 Oct 2023 07:00:25 GMT
server: cloudflare
etag: "651bbc09-166d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHJ73GT8iI%2FZcgHTJJxggbGyX2c7lYEYrTvXTLDM0B45q6Ow6CsYmI%2BprKqbMJEKK%2FO9n7zInMKnDM6sjcfx84gt3LuWdBozUF5Uq8xzBOgnq0soz57Pl%2BB8fUje%2BUFSnwf3SvuGYV0DDB5602E2LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82faf1136c65f6c5-NRT
expires: Tue, 02 Jan 2024 09:56:47 GMT

GET
H3 200 Screenshot_359-305x207.png
hot.tinnendoc.com/wp-content/uploads/2023/09/ 110 KB
111 KB 1290ms
1290ms Image
image/png 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hot.tinnendoc.com/wp-content/uploads/2023/09/Screenshot_359-305x207.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08a36d96cac05486785f83e89a94d5ab0cf77b3f6367055b2ae2ceb5ee3901c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 112961
last-modified: Fri, 29 Sep 2023 09:18:51 GMT
server: cloudflare
etag: "6516967b-1b941"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdWl2buWm0WUwxO98awuhsaP1ABNtAa9yVYO%2BW5OPsp2xmLK26jh6l3zYbsgwGjvZ46tneAm3QRW1AIDgqmlLxKTex%2BD%2FK3TZhIIV7jiIbFGumsOqs1J9GR8WMNnq9N46MiiEzEw8vl3VaTZ8%2BOACA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82faf1136c67f6c5-NRT
expires: Tue, 02 Jan 2024 09:56:47 GMT

GET
H3 200 Screenshot_277-305x207.png
hot.tinnendoc.com/wp-content/uploads/2023/11/ 71 KB
72 KB 1488ms
1488ms Image
image/png 2606:4700:3030::6815:27ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hot.tinnendoc.com/wp-content/uploads/2023/11/Screenshot_277-305x207.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:27ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014b890244de1ead0c47ca13b562cd94255f890914fffad027e135d9b57549f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 72718
last-modified: Thu, 02 Nov 2023 01:05:42 GMT
server: cloudflare
etag: "6542f5e6-11c0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgRhgnKMowDZ23TP3b8g9Qr4V2AfUJ6Rd8C9zfmAXlN%2Buf1vyUP3J8pUHOxU3jU0hJQ05SQwfCl2W8X8H%2FZ8NIvVl4UzAMaXIySk1OdFNbdkJb6RUJBQvuoqDjsH8tn2gOAMEaikdXSrrfTFELlgYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82faf1136c69f6c5-NRT
expires: Tue, 02 Jan 2024 09:56:47 GMT

GET
H3 200 hot.tinnendoc.com.1449909.es6.js Show response
jsc.mgid.com/h/o/ 317 KB
96 KB 261ms
241ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/h/o/hot.tinnendoc.com.1449909.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/o/hot.tinnendoc.com.1449909.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ba82163964fe2d9b2873027486511bf801b71e24d35e90e31bd9d660409070b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
x-amz-version-id: w.vjLJeLDs9FGGTsqODPjJERB5QdlM4l
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BZ3TNQ7N4FQC68WH
cf-polished: origSize=324951
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: BFrqNg+u51JJXOOts30VZRIRa9lHOJmdBTcRsS/0l2RlG+FtM6r+w+geFdbTTlMQOOP/PM2y62aV3B4NlYE1ZA==
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:12:07 GMT
server: cloudflare
etag: W/"2ef7dc66c545aefbf901c911fda485bb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82faf11429bc66cd-AMS
expires: Sun, 03 Dec 2023 12:56:47 GMT

GET
H3 200 hot.tinnendoc.com.1450372.es6.js Show response
jsc.mgid.com/h/o/ 0
724 B 211ms
191ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/h/o/hot.tinnendoc.com.1450372.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/o/hot.tinnendoc.com.1449909.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
x-amz-version-id: NboQ9avc4uCDu9IGLEVrJsv3nbxZf21G
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: W4DHP8QXGJV5P7G7
cf-polished: origSize=3
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-id-2: 9VIUl7YR0wGtxUWTvAUVey0gfSLkCOqQvnpyFO99oOBohmHJtd120I+WnwVOED2cCGzOGXVy9AuEHF87Q0RqP+UXoBRDHmnFUKHQjBINV7Q=
cf-bgj: minify
last-modified: Mon, 05 Jun 2023 16:08:12 GMT
server: cloudflare
etag: "cf64b89236d83f0076d28cfa07bc8d51"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 82faf11429be66cd-AMS
expires: Sun, 03 Dec 2023 12:56:47 GMT

GET
H2 200 tinnendoc.com.1453799.es6.js Show response
jsc.mgid.com/t/i/ 339 KB
101 KB 260ms
259ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/t/i/tinnendoc.com.1453799.es6.js

Requested by

Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/t/i/tinnendoc.com.1453799.js?ver=1700834505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a2903897d7db11068fe7aa97edc0060850c94991af5920f6ed0c2b61d1cb42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
x-amz-version-id: u5oWTnZHdmLm3rKQaUXmwpSsG72NUBfo
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: W4DK3N494S4K83Z4
cf-polished: origSize=347264
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mMVRf3BO0y8tnjhQohkMoGU0R4m358wjt+w2vAE9nFRWxdZ2zXJN6GSnbDQ7w8H7Tct/8CUP3bM=
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 09:19:34 GMT
server: cloudflare
etag: W/"263f617b4ae62ac6561b450b1c64f1e0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82faf1142c54b790-AMS
expires: Sun, 03 Dec 2023 12:56:47 GMT

GET
H3 200 hot.tinnendoc.com.1450635.es6.js Show response
jsc.mgid.com/h/o/ 320 KB
96 KB 206ms
205ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/h/o/hot.tinnendoc.com.1450635.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/o/hot.tinnendoc.com.1450635.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47698525d088cbf7b080915d5afded9c7c5bffe55117bbe90f243d181d0e9fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
x-amz-version-id: Mi47a_KbJjfbrMIn80wG6jBkDiFP1yqI
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BZ3S971T8J79HZK6
cf-polished: origSize=327896
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: jUsIMpJR/DKk/0KglEbrnHLP915MlPdqkByD2GWgfdNAq6V5pIQMuX85wwf8nsJ2Iv43TzPeAbOeRIwCetrxzAfYZVJuSJTrVErfwbqrD5g=
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:21:09 GMT
server: cloudflare
etag: W/"cff851d7a3b8d6d3eb9060f17b5889bc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82faf1155b0166cd-AMS
expires: Sun, 03 Dec 2023 12:56:47 GMT

GET
BLOB 200
OK 329ec6b6-d520-4277-b5e4-97e59705cee1
https://hot.tinnendoc.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/329ec6b6-d520-4277-b5e4-97e59705cee1
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 4c8e35c8-74bb-46db-9d7e-bf29945bb62b
https://hot.tinnendoc.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/4c8e35c8-74bb-46db-9d7e-bf29945bb62b
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK d0c0dc92-4c5c-4b91-a36b-b35ead4a5a9b
https://hot.tinnendoc.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/d0c0dc92-4c5c-4b91-a36b-b35ead4a5a9b
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK b8706656-337a-4d51-b80c-51ad8be6d541
https://hot.tinnendoc.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/b8706656-337a-4d51-b80c-51ad8be6d541
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 /
c.mgid.com/pv/ 43 B
96 B 41ms
32ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&cbuster=1701597407764930260982&pvid=18c2f1bea13b1efbc0d&implVersion=11&cxurl=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F&site=507789&i=1&scum=%3F0&scuw=%3F0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82faf1169e5eb790-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 /
c.mgid.com/pv/ 43 B
115 B 30ms
27ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&cbuster=1701597407769988954686&pvid=18c2f1bea13b1efbc0d&implVersion=11&cxurl=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F&site=880021&i=1&scum=%3F0&scuw=%3F0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82faf1169e5db790-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
BLOB 200
OK f3060469-cb8e-4abe-8e9b-608f303a83af
https://hot.tinnendoc.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/f3060469-cb8e-4abe-8e9b-608f303a83af
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 0b8403b7-8107-45b6-a459-b7e3f36915c6
https://hot.tinnendoc.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/0b8403b7-8107-45b6-a459-b7e3f36915c6
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 hot.tinnendoc.com.1452359.es6.js Show response
jsc.mgid.com/h/o/ 312 KB
94 KB 226ms
225ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/h/o/hot.tinnendoc.com.1452359.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/o/hot.tinnendoc.com.1452359.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

016c8030312cfd2ed1c48e63d4bd624309ac0274087155dd6675a0c6f4b0a3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
x-amz-version-id: GZXApYzWGjRLtoROzCJD0zEv2uu79cok
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: F8KXEKRAKBABMDV7
cf-polished: origSize=319516
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SF9wgs/1j8hng9sdsaFg1AHS0vy5eDJo2PSZpK5eRC467CCW12747tv9ysFnvskoUz+k7Ca5+TlBqiDiAMj2FXvcb/IKP0KrK2JJkG34HNU=
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:16:28 GMT
server: cloudflare
etag: W/"48079db1fc1760751898e327381ea88f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82faf1171d1066cd-AMS
expires: Sun, 03 Dec 2023 12:56:48 GMT

GET
BLOB 206
Partial Content 5e50f1b8-5dd7-4a22-8d3a-3a30bf29058d
https://hot.tinnendoc.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/5e50f1b8-5dd7-4a22-8d3a-3a30bf29058d
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content d6a4980f-9f38-4546-afce-9a02e6c093f8
https://hot.tinnendoc.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/d6a4980f-9f38-4546-afce-9a02e6c093f8
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ 3 KB
3 KB 45ms
18ms Image
image/png 104.19.131.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:47 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 787WNDPJK66RAHPP
age: 4464
content-length: 2745
x-amz-id-2: 4yGNJhBPZDEmM0C+hE+6y0GFxRY/q4K7pUXUrxniT/ABuCLqqKxVzX0OdhVFgh80TicsY8q3mow=
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 82faf1176cae9b43-FRA
expires: Sun, 03 Dec 2023 13:56:47 GMT

GET
BLOB 206
Partial Content 249b1789-6ac1-4f19-92d1-09e817309bb4
https://hot.tinnendoc.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/249b1789-6ac1-4f19-92d1-09e817309bb4
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 1 Show response
servicer.mgid.com/1453799/ 2 KB
2 KB 84ms
76ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1453799/1?mp4=1&ap=1&w=819&h=343&sz=263x317&szp=1,2,3&szl=1,2,3&cols=3&sessionId=656c50e0-039c1&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&cbuster=170159740793045735814&pvid=18c2f1bea13b1efbc0d&implVersion=11&cxurl=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F&scum=%3F0&scuw=%3F0&uniqId=0656e&gpt=1&niet=4g&nisd=false&pv=5&lct=1701129600&jsv=es6&pageView=1&dpr=1&ref=&apt=2023-11-29T00%3A59%3A50%2B00%3A00&tfre=1880

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinnendoc.com.1453799.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b178a09f39fc312546292a10d61d6244fe4b142c6bc5fdab6072b6c5676fac97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82faf117af01b790-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1449909/ 17 KB
4 KB 278ms
275ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1449909/1?mp4=1&ap=1&sessionId=656c50e0-039c1&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&w=819&h=4424&ident_p=true&sz=680x451;337x280&szp=1,4,5,8,9,12,13;2,3,6,7,10,11,14,15&szl=1;2,3;4;5;6,7;8;9;10,11;12;13;14,15&cols=1&lu=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&cbuster=1701597407935794041269&pvid=18c2f1bea13b1efbc0d&implVersion=11&cxurl=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F&scum=%3F0&scuw=%3F0&uniqId=0d965&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=1&dpr=1&ref=&apt=2023-11-29T00%3A59%3A50%2B00%3A00&tfre=1885

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/o/hot.tinnendoc.com.1449909.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

697b02aa25bf407d4d65fba4e398a250d8f309084e8b4c4fee9118239fbfaaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82faf117aefeb790-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1450635/ 4 KB
2 KB 175ms
175ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1450635/1?mp4=1&ap=1&sessionId=656c50e0-039c1&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&w=819&h=341&sz=263x298&szp=1,2,3&szl=1,2,3&cols=3&lu=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&cbuster=1701597407943189906998&pvid=18c2f1bea13b1efbc0d&implVersion=11&cxurl=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F&scum=%3F0&scuw=%3F0&uniqId=018e9&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=0&dpr=1&ref=&apt=2023-11-29T00%3A59%3A50%2B00%3A00&tfre=1893

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/o/hot.tinnendoc.com.1450635.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c97e1c156b888afbb54fd3e9335062f8e571ad15d342628b1e0730ce2a8e29c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82faf117af07b790-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTExLzM2NjkwNC85ZDMzZ...
s-img.steepto.com/g/17928701/492x328/-/ 16 KB
16 KB 336ms
308ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17928701/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTExLzM2NjkwNC85ZDMzZTcyNmM4YmM2MjJkNGYwODZkOWFhYTU1ZTI0OC5wbmc.webp?v=1701597407-DRVVprtH7kPtro3r3mTATP7khJbjKCHQIsfODvT7-OI
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19986e814cddc1bd987c6ffabeb017f888999b87a4f839e36c44736e533a1135

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 15:34:15 GMT
x-mg-request-uuid: c9c4c3c1-0b49-4296-8229-850e8a5dd1d8
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1185d503664-FRA
content-length: 15914

GET
H2 206 545c9b4a611f867726418946e818fe8e.mp4
cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2023-09/742530/ 27 KB
28 KB 44ms
16ms Media
video/mp4 2606:4700:4400::6812:297f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2023-09/742530/545c9b4a611f867726418946e818fe8e.mp4?v=1701597407-UV6zT-2QoEvb14yABVkhDSU5zSbFFFvrbS2cBT5y6tA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bc9791bcf0b5eb3bc714f4765a19aaa20f3b498c04aff829a821e03fae4cbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hot.tinnendoc.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 609640
Content-Range: bytes 0-27710/27711
server-timing: cld-cloudflare;mitm=c;dur=103;start=2023-11-26T05:57:04.102Z;desc=miss,content-info;desc="width=680,height=452,abps=19794,fps=25.0,du=1.4,vc="h264",bytes=27711,owidth=680,oheight=382,oabps=16614,ofps=25.0,odu=1.4,ovc="h264",obytes=23260,oformat="mp4";";cloudinary;dur=81;start=2023-11-26T05:57:04.122Z
alt-svc: h3=":443"; ma=86400
Content-Length: 27711
last-modified: Wed, 20 Sep 2023 09:50:38 GMT
server: cloudflare
etag: "7d0d8517a5a36feb57b066d16f009a8d"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 82faf1185d9c921f-FRA

GET
H3 200 tinnendoc.com.1514895.es6.js Show response
jsc.mgid.com/t/i/ Frame 69B6 300 KB
92 KB 217ms
217ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/t/i/tinnendoc.com.1514895.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinnendoc.com.1453799.es6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e14b585f5602ba9e45ae8d8fd5c473f47a70d75bdaccbaf2676d722111c045eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
x-amz-version-id: LrAh0OMq34rNCDJjZIyIk7lYdcgRSwAD
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6GZ0T7S4AXE1E7C9
cf-polished: origSize=307437
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iBH9v2fLNLOpXV+EOMRBVbzy64fMmwq8l0UpD5eT0oqEG+7x+QtG11aIMAO8OIFhcFuID8dmHfrWhkPHIYBOVw==
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 09:17:21 GMT
server: cloudflare
etag: W/"b6c5786caf562b4f3f1847ecf8d9dbc8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82faf1185ad60bce-AMS
expires: Sun, 03 Dec 2023 12:56:48 GMT

GET
H2 200 i.js Show response
cm.steepto.com/ 0
157 B 152ms
143ms Script
application/javascript 104.19.131.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.steepto.com/i.js?cbuster=1701597408048633660754
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinnendoc.com.1453799.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Dec 2023 09:56:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 82faf1185d829b43-FRA
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 36ms
18ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinnendoc.com.1453799.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: DAEMSFPBEN2DT2X3
age: 608
etag: W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82faf118685d9a3f-FRA
x-amz-id-2: pOjyED7KxroyUQo1Z+aayFrPdh3qDjtPQW/5tY7vITCCvoAMCKSU4lqoEejc7ataFUa+S0lom7fd6Q6g0hcZJQ==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 32ms
8ms Script
application/javascript 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinnendoc.com.1453799.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=94128
accept-ranges: bytes
content-length: 63913
expires: Mon, 04 Dec 2023 12:05:36 GMT

GET
BLOB 200
OK 3de4c20f-99d2-4519-b02b-81307cfca271
https://hot.tinnendoc.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/3de4c20f-99d2-4519-b02b-81307cfca271
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK ae6356ae-57ce-4e07-85bb-e02136073318
https://hot.tinnendoc.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/ae6356ae-57ce-4e07-85bb-e02136073318
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA2Lzc0MjUzMC84ZGFlN...
s-img.steepto.com/g/17937019/492x328/-/ 51 KB
52 KB 377ms
376ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17937019/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA2Lzc0MjUzMC84ZGFlNmYyYWViYjk5OWU3MjNjNTdiZGFlYWRmY2Y1NC5qcGVn.webp?v=1701597407-NrvyEd4OLcPBdO_LHSNOHoyB0LyUlug7e-kEjTWP5Ek
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ff7bcb54c5a572a063dea4924d151a49cf9f2f5b7df6b9e5c9452937d126783

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Dec 2023 08:31:34 GMT
x-mg-request-uuid: dc706f97-68a9-4fb5-8a4c-2763e06c2257
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf118cddc3664-FRA
content-length: 52658

GET
H2 206 545c9b4a611f867726418946e818fe8e.mp4
cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2023-09/742530/ 27 KB
0 20ms
19ms Media
video/mp4 2606:4700:4400::6812:297f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2023-09/742530/545c9b4a611f867726418946e818fe8e.mp4?v=1701597407-UV6zT-2QoEvb14yABVkhDSU5zSbFFFvrbS2cBT5y6tA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hot.tinnendoc.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 609640
Content-Range: bytes 0-27710/27711
server-timing: cld-cloudflare;mitm=c;dur=103;start=2023-11-26T05:57:04.102Z;desc=miss,content-info;desc="width=680,height=452,abps=19794,fps=25.0,du=1.4,vc="h264",bytes=27711,owidth=680,oheight=382,oabps=16614,ofps=25.0,odu=1.4,ovc="h264",obytes=23260,oformat="mp4";";cloudinary;dur=81;start=2023-11-26T05:57:04.122Z
alt-svc: h3=":443"; ma=86400
Content-Length: 27711
last-modified: Wed, 20 Sep 2023 09:50:38 GMT
server: cloudflare
etag: "7d0d8517a5a36feb57b066d16f009a8d"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 82faf118cdfe921f-FRA

GET
BLOB 206
Partial Content 6637cc50-f450-4abb-ab7d-d09a0ef2f7bf
https://hot.tinnendoc.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/6637cc50-f450-4abb-ab7d-d09a0ef2f7bf
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ 3 KB
3 KB 13ms
13ms Image
image/png 104.19.131.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 787WNDPJK66RAHPP
age: 4465
content-length: 2745
x-amz-id-2: 4yGNJhBPZDEmM0C+hE+6y0GFxRY/q4K7pUXUrxniT/ABuCLqqKxVzX0OdhVFgh80TicsY8q3mow=
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 82faf1195e6f9b43-FRA
expires: Sun, 03 Dec 2023 13:56:48 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvNGYyZ...
s-img.steepto.com/g/17928732/492x277/-/ 9 KB
9 KB 193ms
191ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17928732/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvNGYyZTdiNjA1YTVlMzY3MjVmZjFjNTI5MzM5OTU3NWMucG5n.webp?v=1701597407-hciUd-XKV_fXiR-GEp6UHxQ2hdk4VSv1Zjha9L6f2cs
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64511eb16b26a657642ebf4cdda009893f812c71d87b3eaf9ede851b2d2fa928

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 15:32:33 GMT
x-mg-request-uuid: 6db4baa0-3c53-4554-af2e-793a0f51a956
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1196e6b3664-FRA
content-length: 9278

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwczovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvODIxNjE5LzgwN...
s-img.steepto.com/g/17894702/492x277/-/ 17 KB
17 KB 282ms
280ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17894702/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwczovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvODIxNjE5LzgwNzZmNjkwOTY1OGM5YzY0YTUyMDgwZjk2YTQ5MjNlLmpwZw.webp?v=1701597407-HGC5NovBotr75BgiKcx7p7WkVQ7Sqa4JSUwVSQBoKfw
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497d9ea1b444bcac2b2f722dca9d5dca800ebca674991856e12f93c1647a71dc

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Nov 2023 08:59:08 GMT
x-mg-request-uuid: 6bd8b946-2eee-420b-aa73-d9158a24935b
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1196e6e3664-FRA
content-length: 17426

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy83Nzc0NTEvMmYxN...
s-img.steepto.com/g/16735567/492x277/-/ 16 KB
16 KB 278ms
277ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/16735567/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy83Nzc0NTEvMmYxNTMyZDM3ODI1YTI0Nzk3Yzc1ZmQ2MTQ3NzNkY2YuanBn.webp?v=1701597407-jVq5v1DSFHZ2aF4q_kHCEtz4q-rLq51li14pFpBM-pM
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7f6aa278321bbc25a8c1725572e0c2ba9762e7c46c5de74bdc4e0172438178b

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 16:51:09 GMT
x-mg-request-uuid: 6003417e-88fe-432f-b391-a3b9ad20ffff
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1196e6f3664-FRA
content-length: 16430

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi83NDI1MzAvOGRhZ...
s-img.steepto.com/g/17937019/492x277/-/ 41 KB
42 KB 281ms
279ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17937019/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi83NDI1MzAvOGRhZTZmMmFlYmI5OTllNzIzYzU3YmRhZWFkZmNmNTQuanBlZw.webp?v=1701597407-PfsRsEYmarQMLjpyBP9Pg6OyjoWRnwseZvl2luwPV68
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa3f2d45fcfe74d5989ce934c6fbaf3fcdced919c5f229fc23f068b6a6317a2

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Dec 2023 08:36:48 GMT
x-mg-request-uuid: f5c80375-0d25-4eb3-a629-2a0f4d903666
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1196e703664-FRA
content-length: 42452

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS8zNjk0MDMvMDRiO...
s-img.steepto.com/g/17185583/492x277/-/ 13 KB
14 KB 201ms
200ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17185583/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS8zNjk0MDMvMDRiOWEyMDhlZmZhNmFmNTYxODBhOWQ4YWM1ZDk3OTAuanBlZw.webp?v=1701597407-4R3t9sxPnTGXd54yRwAreficQulxhTnfrtnPr0-dfkc
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b97290fd11bd60cda70c7d923a77f68d3e70efa7844a543d4806e6f68a55447

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Sep 2023 13:16:02 GMT
x-mg-request-uuid: 0739f807-409a-4733-afa9-e51f2b56c7ad
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1196e713664-FRA
content-length: 13816

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjA4LHlfNDAxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTExL...
s-img.steepto.com/g/17683850/492x277/-/ 16 KB
16 KB 283ms
281ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17683850/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjA4LHlfNDAxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTExLzgyMTYxOS82MmU3NzE4NzM4ZmM3NTU3ZmQzMWZmNDY0NjA3NjdjNi5wbmc.webp?v=1701597407-mpA0tZuQBPIjpxpWbalakw6_mvkEWMEh6-x1a0F2BPw
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7ecff13dbf5cabdd126adfc0fc9d3541bde84bfee23399dbdf5fec22528a1f

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 19:15:05 GMT
x-mg-request-uuid: b4c85008-7ece-4135-86ac-df4bbc1b05b9
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1196e733664-FRA
content-length: 16236

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvOWQzM...
s-img.steepto.com/g/17928701/492x277/-/ 13 KB
13 KB 203ms
201ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17928701/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvOWQzM2U3MjZjOGJjNjIyZDRmMDg2ZDlhYWE1NWUyNDgucG5n.webp?v=1701597407-JAj9tv7k3tt-UwEK44A3CIzWehfHouiusONcN0CsOeU
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30fb6901b7410f1e6798fbf23acbd37c183416d71d0a18bafbdcc114d3fb7054

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 21:02:02 GMT
x-mg-request-uuid: 08ced7a9-64f8-4891-862b-7a0d41a64499
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1196e753664-FRA
content-length: 13092

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvN2JkZ...
s-img.steepto.com/g/16853267/492x277/-/ 11 KB
11 KB 196ms
194ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/16853267/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvN2JkZGE4YWM5NThjMWVjNjlkNmNmYTQ1YWJkNDZkZmMucG5n.webp?v=1701597407-P1b5N-R9rf7J72SffXYREgzF3lXFY7BNncppqvktdKQ
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d8d8d1d3f164722d3aae632d7f0847fa5e99e1f0bc0442043779016dc2f500

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Aug 2023 15:12:46 GMT
x-mg-request-uuid: dcbed7f6-c022-4e40-95aa-ca9573f5e8be
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1196e763664-FRA
content-length: 11512

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvOWIzZ...
s-img.steepto.com/g/16853281/492x277/-/ 20 KB
20 KB 528ms
526ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/16853281/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvOWIzZDQ3MWM2MTIwZTM1MjEyM2YxZDhiN2U1Mzc4YmIuanBlZw.webp?v=1701597407-MT2WyVWGnK7cfD9t_C-Cpyv1LrWAmN7-VO-3ZEM1B-k
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 785262c31960480e3ad1e1cd1df97203d954cb3ec895591d60b81c87f3670ed2

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Aug 2023 15:04:32 GMT
x-mg-request-uuid: f098f771-ffe3-4f25-8530-feda2f834546
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1196e773664-FRA
content-length: 20506

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvZDBmO...
s-img.steepto.com/g/15653120/492x277/-/ 52 KB
53 KB 519ms
517ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/15653120/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvZDBmODdiMzAyMTc5NGY0NDJhZDM2YzY0ZjkwYWMyOTcuanBlZw.webp?v=1701597407-ZAv4zIA9zpQi9Vdc9TaEfJR2gO8P3MjVbppPeYmXtNU
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f6f9d0243502b97869f93bdaf732854b64f720e7b0aaea1268c8a063131d953

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Mar 2023 15:18:43 GMT
x-mg-request-uuid: e43d80e8-9bc7-4433-b2b7-05e8bfdc6eea
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1196e783664-FRA
content-length: 53636

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83ODMzODUvNDU5Z...
s-img.steepto.com/g/17591159/492x277/-/ 9 KB
10 KB 234ms
233ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17591159/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83ODMzODUvNDU5ZjM5YmFlY2I3MDJlNjA0YWI0M2EwOGZjYzAwNDMucG5n.webp?v=1701597407-kEejC5KqxinIMTVeltkqtK8E6FG6Xe7lXzBpB25ROx8
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35851c34e4be78d12fc79cbf6964e7fc614c8ff0a7f6d32e223f2ff4ba84af09

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Tue, 31 Oct 2023 07:46:59 GMT
x-mg-request-uuid: 79d24f26-cb54-490a-aa6f-4491debaf695
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1199eae3664-FRA
content-length: 9700

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvNjYzN...
s-img.steepto.com/g/16853266/492x277/-/ 9 KB
9 KB 226ms
224ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/16853266/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvNjYzNzAwNGEwOGMyMWU0MjVjNWZmOTQ2ZDRhMDkyNGYuanBn.webp?v=1701597407-SUr-pFw2zj0bguR-urxtEtOAjqI5RRRllETS_YGaGzw
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fac3e33c9cfb1292e532ff09ff978a92bcccd41a1bd79c6a13dc5631c712a8c

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Aug 2023 15:00:36 GMT
x-mg-request-uuid: fe324d74-0cb1-46eb-ac09-72b4acadd381
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1199eb23664-FRA
content-length: 9050

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvMGU2M...
s-img.steepto.com/g/15653118/492x277/-/ 13 KB
13 KB 142ms
141ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/15653118/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvMGU2MjYzNDgwNjgxZDU4ZGM2MTY1NzE2ZmVlNzhhNWMuanBlZw.webp?v=1701597407-KuhrdRY4UeIguUjca3ZR46tjSoE5zVEdsejIhMppqXo
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cdf7ea3b474c0386095c61755691af8545e472b38686666ef5f9854eb1180bb

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Mar 2023 15:00:00 GMT
x-mg-request-uuid: 428fd0b6-9192-415a-b050-94abe08fcdc2
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1199eb53664-FRA
content-length: 13368

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvMmViN...
s-img.steepto.com/g/17928731/492x277/-/ 15 KB
15 KB 337ms
336ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17928731/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvMmViNzAzMGNiOThlZTcwZjRhM2FlYzIzODczNzYxY2QucG5n.webp?v=1701597407-qE9ws6uXm7_Mkw-x2uiNyB8ZgxPacO7D6VJx9D_FSas
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c2e14ef08a2b8cf858271cc2f6491e505833c67022487e542b2eede8d6c69dd

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 15:32:33 GMT
x-mg-request-uuid: 43c9f699-472e-4988-8abf-e5669d3ac968
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf1199eb83664-FRA
content-length: 15014

GET
H3 206 ebaa591e1d96a2fddcd71d997fd1d3f1.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-03/369403/ 243 KB
243 KB 25ms
24ms Media
video/mp4 2606:4700:4400::6812:297f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-03/369403/ebaa591e1d96a2fddcd71d997fd1d3f1.mp4?v=1701597407-rk3ddvp8AiRJE3fmbfLFs54DeONEauHrcraFzGIxtR8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:297f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

561e47ef00c66ab8f61bc5b4dfb05758c6251271e2ebafa3fd6b223f8e0ea807

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://hot.tinnendoc.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: HIT
age: 434536
Content-Range: bytes 0-248548/248549
server-timing: cld-akam;mitm=co;dur=448;cpu=205;start=2023-11-09T10:01:45.107Z;desc=hit-near,rtt;dur=0,content-info;desc="width=680,height=382,abps=110466,fps=24.0,du=2.25,vc=\"h264\",bytes=248549"
alt-svc: h3=":443"; ma=86400
Content-Length: 248549
last-modified: Thu, 19 Oct 2023 02:21:45 GMT
server: cloudflare
etag: "7af1ff3cac012cf693b24593b9d594a9"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 82faf11968d54d79-FRA

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 18ms
17ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/o/hot.tinnendoc.com.1449909.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: DAEMSFPBEN2DT2X3
age: 608
etag: W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82faf11969779a3f-FRA
x-amz-id-2: pOjyED7KxroyUQo1Z+aayFrPdh3qDjtPQW/5tY7vITCCvoAMCKSU4lqoEejc7ataFUa+S0lom7fd6Q6g0hcZJQ==

GET
H3 200 1 Show response
servicer.mgid.com/1452359/ 3 KB
1 KB 69ms
69ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1452359/1?pubmatic=%7B%7D&mp4=1&ap=1&w=819&h=352&ident_p=true&sz=401x332&szp=1,2&szl=1,2&cols=2&sessionId=656c50e0-039c1&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&cbuster=170159740823471847104&pvid=18c2f1bea13b1efbc0d&implVersion=11&cxurl=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F&scum=%3F0&scuw=%3F0&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=0&dpr=1&ref=&apt=2023-11-29T00%3A59%3A50%2B00%3A00&tfre=2184

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/o/hot.tinnendoc.com.1452359.es6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84b94e15521293db9f5440fb8a4ffefe060367fd67d2256d54323978c9e487e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82faf1198c020bce-AMS
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 39d03fae-2f17-4fc2-9518-b1900c1dba56
https://hot.tinnendoc.com/ Frame 69B6 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/39d03fae-2f17-4fc2-9518-b1900c1dba56
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK de6337f4-2185-466f-9814-f2ec9184acb7
https://hot.tinnendoc.com/ Frame 69B6 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/de6337f4-2185-466f-9814-f2ec9184acb7
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTExLzM2NjkwNC9hZTZmO...
s-img.steepto.com/g/17928700/492x328/-/ 19 KB
19 KB 287ms
287ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17928700/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTExLzM2NjkwNC9hZTZmOWZlMGFjNjY0ODM0MzI3YmNlMzFiYzBkMjk5OC5wbmc.webp?v=1701597408-9Nv-zMZ_N9gCG-zGJNSN58GLurnTVs9_7u2JI9cHjjw
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04d7c3ad2bff68aae01884ba571cf05b0466487268ff608f4acea24e94144443

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 15:29:56 GMT
x-mg-request-uuid: a9f9510b-05e1-470a-b808-414567fa16d0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf119ff1a3664-FRA
content-length: 19166

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTExLzM2NjkwNC85ZDMzZ...
s-img.steepto.com/g/17928701/492x328/-/ 16 KB
16 KB 59ms
59ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17928701/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTExLzM2NjkwNC85ZDMzZTcyNmM4YmM2MjJkNGYwODZkOWFhYTU1ZTI0OC5wbmc.webp?v=1701597408-imKeuTjL6xQC_WBC_sQmNAZLYlNg5ZoVkUrQADMXENA
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19986e814cddc1bd987c6ffabeb017f888999b87a4f839e36c44736e533a1135

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 15:34:15 GMT
x-mg-request-uuid: c9c4c3c1-0b49-4296-8229-850e8a5dd1d8
server: cloudflare
age: 0
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf119ff1b3664-FRA
content-length: 15914

GET
BLOB 206
Partial Content f73c33d9-0f6d-4cd6-b3de-e7f6bfbddc6d
https://hot.tinnendoc.com/ Frame 69B6 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/f73c33d9-0f6d-4cd6-b3de-e7f6bfbddc6d
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 1 Show response
servicer.mgid.com/1514895/ Frame 69B6 1 KB
1 KB 52ms
51ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1514895/1?pubmatic=%7B%7D&mp4=1&ap=1&w=263&h=250&sz=263x250&szp=1&szl=1&cols=1&sessionId=656c50e0-039c1&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&cbuster=1701597408448549915445&pvid=18c2f1bea13b1efbc0d&implVersion=11&cxurl=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F&scum=%3F0&scuw=%3F0&uniqId=00851&except_ads=17857796,17928701&niet=4g&nisd=false&pv=5&lct=1701129600&jsv=es6&pageView=0&dpr=1&ref=&apt=2023-11-29T00%3A59%3A50%2B00%3A00&tfre=415

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinnendoc.com.1514895.es6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0cf201de44dd5ac4fb6d1ee4a1f7263971ba85f33b4992c6425dcaa8ade1d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82faf11addb80bce-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwczovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvODIxNjE5LzgwN...
s-img.steepto.com/g/17894702/492x277/-/ Frame 69B6 17 KB
17 KB 15ms
15ms Image
image/webp 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/17894702/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwczovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvODIxNjE5LzgwNzZmNjkwOTY1OGM5YzY0YTUyMDgwZjk2YTQ5MjNlLmpwZw.webp?v=1701597408-8g9Mw7DaWRuC7jdeGsiedNgv2oFW5LU2hD4cZ0Pcdbw
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/?fbclid=IwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497d9ea1b444bcac2b2f722dca9d5dca800ebca674991856e12f93c1647a71dc

Request headers

Referer: https://hot.tinnendoc.com/
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 08:59:08 GMT
x-mg-request-uuid: 6bd8b946-2eee-420b-aa73-d9158a24935b
server: cloudflare
age: 0
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 82faf11b28693664-FRA
content-length: 17426

GET
H2 200 i.js Show response
cm.steepto.com/ Frame 69B6 0
39 B 130ms
130ms Script
application/javascript 104.19.131.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.steepto.com/i.js?cbuster=1701597408506870986697
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinnendoc.com.1514895.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:48 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Dec 2023 09:56:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 82faf11b298f9b43-FRA
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 69B6 151 KB
33 KB 24ms
24ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/tinnendoc.com.1514895.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: DAEMSFPBEN2DT2X3
age: 608
etag: W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82faf11b2b4b9a3f-FRA
x-amz-id-2: pOjyED7KxroyUQo1Z+aayFrPdh3qDjtPQW/5tY7vITCCvoAMCKSU4lqoEejc7ataFUa+S0lom7fd6Q6g0hcZJQ==

GET
H2 200 tinnendoc.json Show response
cdn.unibotscdn.com/clientdata/ 20 KB
2 KB 128ms
63ms Fetch
application/json 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/tinnendoc.json
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 4bc98d0358f953e232802b11e33131c4704c48136d67b4f797b21af59d4d3225

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
content-encoding: gzip
cdn-edgestorageid: 1077
cdn-storageserver: DE-168
cdn-cachedat: 11/21/2023 11:19:57
cdn-pullzone: 873945
last-modified: Tue, 21 Nov 2023 11:16:49 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 399
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: eed072ce88c18c810c7b2d9433fde156
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tinnendoc.json Show response
cdn.unibots.in/headerbidding/ 2 KB
1 KB 86ms
27ms Fetch
application/json 2400:52e0:1e00::1049:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibots.in/headerbidding/tinnendoc.json
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/headerbidding/common/hb.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1049 /
Resource Hash: 38da5dd1d1b8ed934ce5d4021cf460084bdb4609aaa983fee80d6a9bd79a376f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
content-encoding: gzip
cdn-edgestorageid: 1077
cdn-storageserver: DE-680
cdn-cachedat: 10/29/2023 10:29:27
cdn-pullzone: 483488
last-modified: Sat, 14 Oct 2023 08:57:16 GMT
server: BunnyCDN-DE1-1049
cdn-fileserver: 643
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 14877f2c3035b24361dd3ec0e7f7109a
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 62ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V17JF385GG

Requested by

Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/headerbidding/common/hb.js?ver=1700834389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c814e60fbfa155a4cbf47ae486db41e866285f48cff7d887afb2462e760d91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93030
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 09:56:48 GMT

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 60 B
215 B 60ms
14ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?fields=status,message,continentCode,countryCode&key=LWKtz4EzQwMJRyQ
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/headerbidding/common/hb.js?ver=1700834389
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 239216b805f39d63cfe2b55e7c49f4ff35496f3747702dc90ac3933dc200842d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 03 Dec 2023 09:56:48 GMT
Content-Length: 60
Content-Type: application/json; charset=utf-8

GET
H2 200 parent.json Show response
cdn.unibotscdn.com/clientdata/ 10 KB
3 KB 19ms
19ms Fetch
application/json 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/parent.json
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 397a7ab97ed133302f9560f6ecdc7a2b9327e92738f9e434b57f5f77a89a477f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
content-encoding: gzip
cdn-edgestorageid: 752
cdn-storageserver: DE-676
cdn-cachedat: 11/08/2023 11:43:10
cdn-pullzone: 873945
last-modified: Wed, 08 Nov 2023 11:42:37 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 567
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: a840684960de51d44484cba21d8fcb00
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK block Show response
api.unibots.in/ 45 B
288 B 797ms
260ms Fetch
application/json 170.187.252.201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.unibots.in/block?client=Tinnendoc&page=hot.tinnendoc.com/tu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang/
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 170.187.252.201 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 170-187-252-201.ip.linodeusercontent.com
Software: / Express
Resource Hash: 7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 03 Dec 2023 09:56:49 GMT
keep-alive: timeout=5
x-powered-by: Express
content-length: 45
etag: W/"2d-u7Q5CwGaa1ObtHaIkSK9AjhXyhU"
content-type: application/json; charset=utf-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 133ms
98ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/headerbidding/common/hb.js?ver=1700834389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63a82218df3cc4661499edc06cfc6b276385240f9e9ac5cd404e7384afa73abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30299
x-xss-protection: 0
server: cafe
etag: 963 / 19694 / m202311150101 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:56:48 GMT

GET
H2 200 adScript.js Show response
cdn.unibots.in/headerbidding/common/ 426 KB
139 KB 64ms
22ms Script
application/javascript 2400:52e0:1e00::1049:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibots.in/headerbidding/common/adScript.js
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/headerbidding/common/hb.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1049 /
Resource Hash: 6caf4920eeb817f57e32ab8d2f5851ea0c3613d4ed9a867a8128e5b5fc075295

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:48 GMT
content-encoding: br
cdn-edgestorageid: 1048
cdn-storageserver: DE-382
cdn-cachedat: 09/21/2023 04:44:55
cdn-pullzone: 483488
last-modified: Thu, 21 Sep 2023 04:38:23 GMT
server: BunnyCDN-DE1-1049
cdn-fileserver: 636
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"650bc8bf-6a8ca"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 56f0844dfe7173b0d44198213af9e5cc
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 46ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V17JF385GG&gtm=45je3bt0v9119338354&_p=1701597408751&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1950371521.1701597409&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701597408&sct=1&seg=0&dl=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&dt=T%E1%BB%AB%20nay%20tr%E1%BB%9F%20%C4%91i%3A%20Ai%20%C4%91i%20xe%20kh%C3%B4ng%20ch%C3%ADnh%20ch%E1%BB%A7%20c%E1%BA%A7n%20mang%20theo%204%20lo%E1%BA%A1i%20gi%E1%BA%A5y%20t%E1%BB%9D%20n%C3%A0y%2C%20n%E1%BA%BFu%20kh%C3%B4ng%20mu%E1%BB%91n%20CSGT%20ph%E1%BA%A1t%20n%E1%BA%B7ng&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3897
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V17JF385GG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hot.tinnendoc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 external_ad Show response
ssp.qc.coccoc.com/ 0
388 B 855ms
425ms XHR
text/plain 123.30.175.112
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.qc.coccoc.com/external_ad?placement=ccadnet_164_1589&location=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&version=2.0
Requested by: Host: static.adconnect.vn
URL: https://static.adconnect.vn/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.175.112 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: coccoc.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Sun, 03 Dec 2023 09:56:49 GMT
server: nginx
traceparent: 00-25ee2e31f1e5d22e6667b32772df58f0-a4e0c235600e08fa-00
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://hot.tinnendoc.com
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Range

GET
H2 204 external_ad Show response
ssp.qc.coccoc.com/ 0
390 B 648ms
219ms XHR
text/plain 123.30.175.112
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.qc.coccoc.com/external_ad?placement=ccadnet_164_1271&location=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&version=2.0
Requested by: Host: static.adconnect.vn
URL: https://static.adconnect.vn/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.175.112 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: coccoc.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Sun, 03 Dec 2023 09:56:49 GMT
server: nginx
traceparent: 00-4e7f327019d40ba2f977bd721ae0a4f9-cc052dddbafd3f52-00
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://hot.tinnendoc.com
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Range

GET
H2 204 external_ad Show response
ssp.qc.coccoc.com/ 0
388 B 649ms
219ms XHR
text/plain 123.30.175.112
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.qc.coccoc.com/external_ad?placement=ccadnet_164_1823&location=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&version=2.0
Requested by: Host: static.adconnect.vn
URL: https://static.adconnect.vn/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.175.112 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: coccoc.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Sun, 03 Dec 2023 09:56:49 GMT
server: nginx
traceparent: 00-3a62a579de13250d2a2ee1de077260ed-ab2244cfa6349874-00
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://hot.tinnendoc.com
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Range

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 10:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84133
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 01 Dec 2024 10:34:35 GMT

GET
H2 204 sync Show response
spadsync.com/ 0
90 B 87ms
27ms XHR
text/plain 18.133.129.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spadsync.com/sync?sptoken=24ce0a11-7c1f-40d3-b1ff-7d731b0c443af36d&sspid=Onp&ssphost=hot.tinnendoc.com
Requested by: Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/adScript.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.129.135 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-129-135.eu-west-2.compute.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hot.tinnendoc.com
date: Sun, 03 Dec 2023 09:56:49 GMT
server: openresty

GET
H2 200 21928950349 Show response
fundingchoicesmessages.google.com/i/ 176 KB
59 KB 105ms
56ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21928950349?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

406bebb7d8be40f2f5338fef95a4edc5c1ac9642407e5afb53d017bdf99d47a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MhzjrVgUo1Zv05--zx6qIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-MhzjrVgUo1Zv05--zx6qIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWblsRgr4HxYptDB4esbwIIvZRmQnYN_js37ZqQRx1ZdxM5gp9ozjg8TnrPy4ORlmVtt02v0xuWHNCsVLLVx9OJSjiXYsgvkL5aLiOfPYOFohOoG4gse0iuFRs-_aUN9ORpMZ5zJg== Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWblsRgr4HxYptDB4esbwIIvZRmQnYN_js37ZqQRx1ZdxM5gp9ozjg8TnrPy4ORlmVtt02v0xuWHNCsVLLVx9OJSjiXYsgvkL5aLiOfPYOFohOoG4gse0iuFRs-_aUN9ORpMZ5zJg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNTk3NDA5LDE5NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ob3QudGlubmVuZG9jLmNvbS90dS1uYXktdHJvLWRpLWFpLWRpLXhlLWtob25nLWNoaW5oLWNodS1jYW4tbWFuZy10aGVvLTQtbG9haS1naWF5LXRvLW5heS1uZXUta2hvbmctbXVvbi1jc2d0LXBoYXQtbmFuZy8iLG51bGwsW1s4LCJGYVlQdVJ3ZXFJSSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMytfF6m19eh4g6bfBvkWRwpynfzCw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ce1eec1e4da25be9c215734ad555eb5c3587f7abdcde8054c7e83a4c5b14413

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G5LA_Z8JtCJjRrLlgwMCNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-G5LA_Z8JtCJjRrLlgwMCNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 97ms
32ms Script
text/javascript 2600:9000:20fc:3600:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20fc:3600:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 04:29:29 GMT
x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Via: 1.1 92f415f504f960872d71a5b454174362.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
Age: 19641
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: y0tanNYo4rwbiz4kwXzX-vpp0M3IG19lyFO-U_bGsupA4iEv7ftDCw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 18ms
17ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: HSG8HWSDZMVXE6PH
age: 2624
etag: W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82faf11fafdf9a3f-FRA
x-amz-id-2: kxHeiTjs1qw0F53gHCM1/dxqoZCjY8pcWdTY0wN+7AWrA45S2fCPJWc1CNXJRtJAF2uqcZd7JA8=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 59ms
18ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25882
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230065-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsbzWU4l2Tnx%2FJ7ZDGoMffDySmu679ogEBzwwFwLCX8HaSl0vIY%2BwTaEzXJXo3E4lTyxdrlqDxmcQRVoakDX3hj4R%2FV6KOWzqsgZMofVfOESdlD6k6D%2F0PXyL3tkjfc7uJJD%2BWbUfdQ9E78hdAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82faf11feeb75d93-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 52ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:56:49 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 49ms
15ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:28:48 GMT
content-encoding: gzip
age: 1513681
x-guploader-uploadid: ABPtcPorK7SdOx9D0-XbxZI-ucFoefeNDDoBI41rnJAKBKLzpPyd_Ilsabixqvym6_79HuCGK2OQIo2s49jtCyg8m0eHLqvG-9Ou
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 14 Nov 2024 21:28:48 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 236 KB
66 KB 703ms
703ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2311482636732164&correlator=527003643454443&eid=31079240%2C44780990%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21928950349%3A22849695847%2Ctinnendoc_anchor_320x50%2Ctinnendoc_inarticle_300x250%2Ctinnendoc_inpage_300x600%2Ctinnendoc_popup_300x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C728x90%2C336x280%7C300x250%7C320x280%2C336x280%7C300x600%7C320x280%7C300x250%2C320x280%7C336x280%7C300x250%7C320x480&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701597409207&lmt=1701595712&adxs=-12245933%2C457%2C-12245933%2C-12245933&adys=-12245933%2C1108%2C-12245933%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&vis=1&psz=970x-1%7C819x351%7C0x0%7C0x-1&msz=0x-1%7C819x0%7C0x-1%7C0x-1&fws=644%2C4%2C516%2C644&ohw=1600%2C1600%2C819%2C1600&ga_vid=1950371521.1701597409&ga_sid=1701597409&ga_hid=944142983&ga_fc=true&a3p=EhQKBW9wZW54GLXf7_jCMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ytd_v-MIxSABSAghkEhkKCnB1YmNpZC5vcmcYtd_v-MIxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLXf7_jCMUgAUgIIZBIZCgp1aWRhcGkuY29tGLTf7_jCMUgAUgIIZA..&dlt=1701597406051&idt=2970&prev_scp=ad_ref_count%3D0%7Cad_ref_count%3D0%7Cad_ref_count%3D0%7Cad_ref_count%3D0&adks=3805529883%2C3425385223%2C2501492315%2C510983300&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7461eec0cf90ba939065fe5e10e95d1ad87db5aa9bb73d30706b7cbadf964ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67365
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hot.tinnendoc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 20F1 6 KB
3 KB 102ms
49ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:49 GMT
expires: Mon, 02 Dec 2024 09:56:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
233 B 51ms
15ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hot.tinnendoc.com
date: Sun, 03 Dec 2023 09:56:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 AGSKWxW2NUGB218p4TL2rIO9vbQa-egTol1Zut-vBdnwu8mEhzz42_eLS-HgjIi45PWqkPbmMNQ75DvQjiZZW-noWvGZHMDI2IEo2rR9CbGwaDUsM9cNOPx6CVl-zdlxWofN9i1hrBOppQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 106ms
106ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW2NUGB218p4TL2rIO9vbQa-egTol1Zut-vBdnwu8mEhzz42_eLS-HgjIi45PWqkPbmMNQ75DvQjiZZW-noWvGZHMDI2IEo2rR9CbGwaDUsM9cNOPx6CVl-zdlxWofN9i1hrBOppQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNTk3NDA5LDI2OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9ob3QudGlubmVuZG9jLmNvbS90dS1uYXktdHJvLWRpLWFpLWRpLXhlLWtob25nLWNoaW5oLWNodS1jYW4tbWFuZy10aGVvLTQtbG9haS1naWF5LXRvLW5heS1uZXUta2hvbmctbXVvbi1jc2d0LXBoYXQtbmFuZy8iLG51bGwsW1s4LCJGYVlQdVJ3ZXFJSSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7151d2dc1d59cdfec801ce205e4903d918ccd390d20b91e3025e0a7462362a14

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-a5h2BDYFg8vLbmcedjYhFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-a5h2BDYFg8vLbmcedjYhFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF...
https://oajs.openx.net/esp?url=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF...

85 B
196 B

117ms
117ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: a26c30cdc8c9e276e1d258d71388c1b47bf96c27fa3ed4a35d63250c2881d8fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-uSFYBkFroXT/qLWL/++NqmrZZ8g"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hot.tinnendoc.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 03 Dec 2023 09:56:49 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://hot.tinnendoc.com
location: /esp?url=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 107ms
73ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f95f3a798d207f7d4c791306b3606897d076013a843fa4a44a078a4d09d0f2cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12206
x-xss-protection: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
277 B 56ms
15ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

617e319312a0ef06f4bdaa089dfec33f5ed372697f6c4c7b34742b5b70977c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://hot.tinnendoc.com
date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 486 B
769 B 44ms
15ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

6c80e64a6bf93c5eb5d55eda08edb25e959644b74a20ef7adcfbbc76af6967d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hot.tinnendoc.com
date: Sun, 03 Dec 2023 09:56:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 61ms
28ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 09:56:49 GMT

GET
H3 200 c
c.mgid.com/ 43 B
228 B 25ms
25ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/c?v=401|332|8|wmLVlVfplhdpf0EyTiV8DfbiUDlvdmPNhjHhHJDr1Dj7I-GYm_jpUcaMWYazVVEwp9XOkkulsNfo9BcwqO5cHw**&v=401|332|8|wmLVlVfplhdpf0EyTiV8DVCsMa_U9oW27ci9frT-FPskIbHnbG09j22cmXt0GKserfbu8keg8Qd6fpLXmt433Q**&fw=1&f=1&cid=1452359&cbuster=1701597409542309539270&pageImp=1&pvid=18c2f1bea13b1efbc0d&pv=3&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*&rid=46333a70-91c2-11ee-a4f9-e43d1a2a53a0&tt=Direct&iv=11&completion=2,2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-mg-request-uuid: 845ea375-2af9-405a-b8b9-be6d0439a617
server: cloudflare
content-type: image/gif
cf-ray: 82faf121ad420bce-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
119 B 122ms
113ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=366904&type=c&tg=8119eedfd28ced54ed60735746a4b613&gdpr=1&gdpr_consent=&us_privacy=&mgbuster=10bc4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82faf121bdfbb790-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
96 B 122ms
114ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=366904&type=c&tg=8119eedfd28ced54ed60735746a4b613&gdpr=1&gdpr_consent=&us_privacy=&mgbuster=13058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82faf121bdfcb790-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 9E00 0
167 B 57ms
20ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hot.tinnendoc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 03 Dec 2023 09:56:49 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6FD2 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C20B 829 B
1 KB 57ms
23ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25ed3695f22ec36c54092bcdd0c6bf8b21b388d99efcf0f5968c2bd1a1ef1338

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qt6KBQ-iIAmT5fj-XWTAMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hot.tinnendoc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qt6KBQ-iIAmT5fj-XWTAMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:49 GMT
expires: Sun, 03 Dec 2023 09:56:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FD2 39 KB
15 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H2 200 videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 975 B
1 KB 73ms
34ms Stylesheet
text/css 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-storageserver: DE-168
cdn-cachedat: 12/03/2023 09:30:44
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 569
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-3cf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: b3d506920231a6f367e190d654602320
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 4 KB
2 KB 73ms
34ms Stylesheet
text/css 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-679
cdn-cachedat: 11/22/2023 20:45:57
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 576
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-eda"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 76f7f77d5e181ade7fec300f5633a43c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 39 KB
11 KB 77ms
38ms Stylesheet
text/css 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-677
cdn-cachedat: 11/10/2023 21:11:01
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:08 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf618-9cdf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: c302b8cc6a7634a67d1b3a19e2dddd42
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tinnendoc.css
cdn.unibotscdn.com/clientdata/css/ 1 KB
1 KB 87ms
48ms Stylesheet
text/css 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/css/tinnendoc.css
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 9d3bc8424364648b6163eee67ecb6c8638e383e2932b781a1f65879134e8e27b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
cdn-edgestorageid: 1078
cdn-storageserver: DE-587
cdn-cachedat: 11/08/2023 03:30:57
cdn-pullzone: 873945
last-modified: Thu, 10 Aug 2023 07:02:01 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 481
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64d48b69-567"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 6b51e0be84610f5d7cffd21df86c9db2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 7 KB
2 KB 74ms
35ms Stylesheet
text/css 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
cdn-edgestorageid: 1054
cdn-storageserver: DE-588
cdn-cachedat: 11/22/2023 21:02:00
cdn-pullzone: 873945
last-modified: Fri, 25 Aug 2023 08:08:48 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 647
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64e86190-1b06"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 93e0975423f72a7712ceccecd54542b7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 71ms
32ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Sun, 03 Dec 2023 09:56:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C20B 0
0 48ms
48ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=2311482636732164&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6FD2 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?o9_F3g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 video.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 524 KB
155 KB 19ms
19ms Script
application/javascript 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
cdn-edgestorageid: 860
cdn-storageserver: DE-51
cdn-cachedat: 10/31/2023 18:50:45
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:19 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 340
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf623-830a3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: b6a7d53a0c6061e1ab4dff56d03377f5
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ads.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 91 KB
25 KB 22ms
22ms Script
application/javascript 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
cdn-edgestorageid: 1076
cdn-storageserver: DE-677
cdn-cachedat: 11/28/2023 14:30:36
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:21 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 577
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf625-16c3c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: d44d4071bafa281ccb31b9112ee97266
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 84 KB
19 KB 20ms
20ms Script
application/javascript 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
cdn-edgestorageid: 1077
cdn-storageserver: DE-51
cdn-cachedat: 11/22/2023 20:46:41
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:22 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 339
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf626-14fe2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 7cb074a8389a4d7e960739de990240ea
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 can-autoplay.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 11 KB
4 KB 25ms
25ms Script
application/javascript 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
cdn-edgestorageid: 865
cdn-storageserver: DE-588
cdn-cachedat: 10/31/2023 18:50:43
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:16 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 565
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf620-2ae4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: b2c693d565dedda06130ce1a94b4e95a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs-playlist.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 5 KB
2 KB 24ms
24ms Script
application/javascript 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:49 GMT
content-encoding: br
cdn-edgestorageid: 865
cdn-storageserver: DE-662
cdn-cachedat: 11/28/2023 15:03:46
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:20 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 573
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf624-13b1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: c0227210722d29bc4c4395d47efdd514
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
BLOB 200
OK 64fe1f0e-728b-4b46-9bf5-2af300f7f938
https://hot.tinnendoc.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/64fe1f0e-728b-4b46-9bf5-2af300f7f938
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK ubpvideos Show response
newsbot.unibots.in/get_videos/ 604 B
776 B 821ms
253ms Fetch
application/json 192.46.215.171
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbot.unibots.in/get_videos/ubpvideos
Requested by: Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.46.215.171 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 192-46-215-171.ip.linodeusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0015e4cfc3d70d2c01256bc2774b0853c91466b93c82a1fbc9dc40dbd36531d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 03 Dec 2023 09:56:50 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 604
content-type: application/json

GET
H2 200 container.html Show response
85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A182 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:49 GMT
expires: Mon, 02 Dec 2024 09:56:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4951 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:49 GMT
expires: Mon, 02 Dec 2024 09:56:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC5C 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:49 GMT
expires: Mon, 02 Dec 2024 09:56:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7290 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:49 GMT
expires: Mon, 02 Dec 2024 09:56:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5E43 624 B
826 B 93ms
56ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGJXD3d4BMAE&v=APEucNWgWXcrkMb8HssEAflSSOJUUGyw0dmlvHYUrecmPix_usZpEJ2nZt6Bj_ugTYdez5oTTQtFR0GriE-cBtrfNa_uNdBJvXnWDKjR0xxRKYYlSZp_Df3CFSXpPiHsC2vQ4OLgZh17jMy5Q9gmRFpNA7tCF4nf6fCUbzWC_r1EqiBOILc3TANBg0uYhl6wDXt01l4sSqZ6heK5l3Zvp_cly72_fPS8JA

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:50 GMT
expires: Sun, 03 Dec 2023 09:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A182 92 KB
32 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32789
x-xss-protection: 0
server: cafe
etag: 17194431578830737671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:56:50 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A182 42 B
63 B 49ms
49ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B6Jq9aQp4H1eWgHEZna1XKS75fAOH28QVZ4K-z5G9vVPB7i6i90S4FV4NsJs5iCds0wmD9xomBtfCCfo_Iyh8dn5pg1SVQgBk0C1EHaadTsZgJ2jE

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A182 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16910715073142140814&x=1&ct=77

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A182 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A182 20 KB
8 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A182 202 KB
64 KB 108ms
74ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:56:50 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4951 36 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab079fffae087a27af4cab8a6bab453cecd659199e4848aeb93e0995859511c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14397
x-xss-protection: 0
server: cafe
etag: 5188552500389540516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:46:37 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4951 24 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 252058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Nov 2024 11:55:52 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4951 202 KB
64 KB 116ms
93ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:56:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 4951 24 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4951 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4951 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame AC5C 91 KB
36 KB 91ms
17ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231203T095650Z-rtrb63wv6h7y56h1tge9nutz4c0000000um0000000018v6n
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 72c36e53-b01e-0030-6dc5-174baf000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2

200

c.gif
www.bing.com/aes/ Frame AC5C
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=472b748b-3773-41fc-8120-8fbe1435d9ff&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=cf607b85-2aa0-49f1-aa8...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(6-0)?&RG=a5f34b8ca8f244e7a46d53fbc702f171&SNR=1&GV=2&med=10

0
547 B

114ms
113ms

Image
text/plain

2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(6-0)?&RG=a5f34b8ca8f244e7a46d53fbc702f171&SNR=1&GV=2&med=10
Requested by: Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96C0659EBC064A4EA09E4BD1B1B6220C Ref B: DUS30EDGE0715 Ref C: 2023-12-03T09:56:50Z
x-cdn-traceid: 0.91a12417.1701597410.d6e4672
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 03 Dec 2023 09:56:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CF3C30E0F0A541B3AA4A532C73044331 Ref B: FRAEDGE2017 Ref C: 2023-12-03T09:56:50Z
x-cdn-traceid: 0.91a12417.1701597410.d6e43da
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(6-0)?&RG=a5f34b8ca8f244e7a46d53fbc702f171&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 155
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame AC5C 80 KB
27 KB 56ms
13ms Script
application/x-javascript 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 09:56:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Mon, 02 Dec 2024 09:56:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame AC5C 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame AC5C 20 KB
8 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AC5C 24 KB
6 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 252058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Nov 2024 11:55:52 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC5C 202 KB
64 KB 105ms
85ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:56:50 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 20B3 624 B
505 B 74ms
57ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNUI-KmVKgIMU-kEoD__GhXeC5sxhbJj-wB1-wv0xsneR4Tf2T7OjYSGjd8Z44ZO-Agwlz-vYdmTUwDiDOIR-pBJpALz9Z-FFphx_YQzuIJ3TIOkw_PWFJffNlpfES5x_3f2qLVyrcaFHiCoi-v06E5XrA2ungzQcS1WIuO4JoUhrfugPNWHGqG68nKFKLGTMzhYMLSFsECwI7gVEKBE39GJdZic5g

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:50 GMT
expires: Sun, 03 Dec 2023 09:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7290 89 KB
31 KB 164ms
161ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:56:50 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7290 42 B
63 B 50ms
48ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQ5AODDDlbkypKuYrs95fb0XaPBKSKMMAQpljBQ6H2wTuuyjf0lD_LECBifKK8t8no4fMcRtd05_hT9q06lBGDEHvdg5bz33GE8Qb-qBqBzWS0fD0

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7290 0
20 B 51ms
49ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2453386933101531853&x=1&ct=77

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 7290 3 KB
1 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 7290 20 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7290 202 KB
64 KB 121ms
104ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:56:50 GMT

GET
H2 200 14599624454417566010
s0.2mdn.net/simgad/ Frame 4951 301 KB
302 KB 50ms
14ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14599624454417566010

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce68ee1503d5898f130368ff0438b2f891d6c3b22d88e1513e5600bcf5bf9f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:27:09 GMT
x-content-type-options: nosniff
age: 494981
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 308732
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 13:22:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 16:27:09 GMT

GET
H2 200 19050620499409930
s0.2mdn.net/simgad/ Frame 4951 80 KB
80 KB 64ms
29ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/19050620499409930

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b84495e0e00851129198a3d9676758e12767ab5315e82635cb900ddb46c41fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:08:50 GMT
x-content-type-options: nosniff
age: 143280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81586
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 13:22:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 18:08:50 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5E43
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1

43 B
729 B

24ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGJXD3d4BMAE&v=APEucNWgWXcrkMb8HssEAflSSOJUUGyw0dmlvHYUrecmPix_usZpEJ2nZt6Bj_ugTYdez5oTTQtFR0GriE-cBtrfNa_uNdBJvXnWDKjR0xxRKYYlSZp_Df3CFSXpPiHsC2vQ4OLgZh17jMy5Q9gmRFpNA7tCF4nf6fCUbzWC_r1EqiBOILc3TANBg0uYhl6wDXt01l4sSqZ6heK5l3Zvp_cly72_fPS8JA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUbIOdQzp1EkL1nj7Y2UKXS0ytKfqMGInG46AIscKpOAPwSe6TrOCYg446PUwIFOadkEYTHHVuzYCg2H6EEWXzPg8t9JaoHBHBvVf4xxTGivHOkn4Y6EfbD6A8iiVs4Jm5kzc2Qm7evLgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82faf125ab961e56-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5E43
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWxQ4jADOnQCXnJZlfRdLAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1

43 B
738 B

41ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGJXD3d4BMAE&v=APEucNWgWXcrkMb8HssEAflSSOJUUGyw0dmlvHYUrecmPix_usZpEJ2nZt6Bj_ugTYdez5oTTQtFR0GriE-cBtrfNa_uNdBJvXnWDKjR0xxRKYYlSZp_Df3CFSXpPiHsC2vQ4OLgZh17jMy5Q9gmRFpNA7tCF4nf6fCUbzWC_r1EqiBOILc3TANBg0uYhl6wDXt01l4sSqZ6heK5l3Zvp_cly72_fPS8JA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIa7ZjslAc%2B3J0ykR05Ipm1UozwWWzY8s7%2F59HC%2F9Dc6%2By3D8XuPObj1pJbeUcNcR3QlFEXsXA0%2FvnrSWtYlADR%2BFKX%2BT39nYlbg9U21hzTHbxYmTs6PrTuqupbC8yJAYCqi9EFETpqung%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82faf125bba51e56-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5E43
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGH11ir4RHkVHIrjEgcdyOQ&google_cver=1

43 B
847 B

8ms
7ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGH11ir4RHkVHIrjEgcdyOQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGJXD3d4BMAE&v=APEucNWgWXcrkMb8HssEAflSSOJUUGyw0dmlvHYUrecmPix_usZpEJ2nZt6Bj_ugTYdez5oTTQtFR0GriE-cBtrfNa_uNdBJvXnWDKjR0xxRKYYlSZp_Df3CFSXpPiHsC2vQ4OLgZh17jMy5Q9gmRFpNA7tCF4nf6fCUbzWC_r1EqiBOILc3TANBg0uYhl6wDXt01l4sSqZ6heK5l3Zvp_cly72_fPS8JA

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
an-x-request-uuid: 62a08514-68ad-453d-9af1-c115a4b1b429
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGH11ir4RHkVHIrjEgcdyOQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5E43
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NTg3NzM3OTUyNDM4MDQ3Mg%3D%3D

170 B
243 B

23ms
22ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NTg3NzM3OTUyNDM4MDQ3Mg%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
an-x-request-uuid: 225756fa-2505-4243-8e85-21d12d142eac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NTg3NzM3OTUyNDM4MDQ3Mg%3D%3D
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 20B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1

43 B
771 B

22ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNUI-KmVKgIMU-kEoD__GhXeC5sxhbJj-wB1-wv0xsneR4Tf2T7OjYSGjd8Z44ZO-Agwlz-vYdmTUwDiDOIR-pBJpALz9Z-FFphx_YQzuIJ3TIOkw_PWFJffNlpfES5x_3f2qLVyrcaFHiCoi-v06E5XrA2ungzQcS1WIuO4JoUhrfugPNWHGqG68nKFKLGTMzhYMLSFsECwI7gVEKBE39GJdZic5g
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0khwuX3cdkysRoPzId0WDVTt8KdQWfSKwzhevnDHZ1CbITggPXiaH0vW6TO25bkX%2Fzo%2BdpA%2FFXSGNYoCfQoPpCwZBgeOKwUV0XDq1lrzlFpXiukg4PUv4dUmrmshpSlFqSH8oDMiYr6%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82faf125ab971e56-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 20B3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWxQ4lUZfCNnainF6mJE8wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1

43 B
736 B

24ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNUI-KmVKgIMU-kEoD__GhXeC5sxhbJj-wB1-wv0xsneR4Tf2T7OjYSGjd8Z44ZO-Agwlz-vYdmTUwDiDOIR-pBJpALz9Z-FFphx_YQzuIJ3TIOkw_PWFJffNlpfES5x_3f2qLVyrcaFHiCoi-v06E5XrA2ungzQcS1WIuO4JoUhrfugPNWHGqG68nKFKLGTMzhYMLSFsECwI7gVEKBE39GJdZic5g
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUy%2B9QTIpbQhoJKuLfYK7EEzSzCGceobfMWSlcRnc7%2BrkoOv%2BN0RxHJga1Tsl1R7fxfVpXlKg02ATeZYCy0Ahu2lwrb6TzYRz34bpvECR5uWTdEGxfS2RpIuYKLPVVNEA97NNa%2FK%2FuzJYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82faf125cbc61e56-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcqGKB_qlrta1fZUWg-M8Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 20B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGH11ir4RHkVHIrjEgcdyOQ&google_cver=1

43 B
847 B

7ms
7ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGH11ir4RHkVHIrjEgcdyOQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNUI-KmVKgIMU-kEoD__GhXeC5sxhbJj-wB1-wv0xsneR4Tf2T7OjYSGjd8Z44ZO-Agwlz-vYdmTUwDiDOIR-pBJpALz9Z-FFphx_YQzuIJ3TIOkw_PWFJffNlpfES5x_3f2qLVyrcaFHiCoi-v06E5XrA2ungzQcS1WIuO4JoUhrfugPNWHGqG68nKFKLGTMzhYMLSFsECwI7gVEKBE39GJdZic5g

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
an-x-request-uuid: 1ece12a3-f65f-45e2-8735-ff70a2b347fc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGH11ir4RHkVHIrjEgcdyOQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 20B3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NTg3NzM3OTUyNDM4MDQ3Mg%3D%3D

170 B
232 B

26ms
26ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NTg3NzM3OTUyNDM4MDQ3Mg%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
an-x-request-uuid: dab5534b-53cc-4d85-b676-ab3e5abab0ac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NTg3NzM3OTUyNDM4MDQ3Mg%3D%3D
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A182 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6017955146396&version=m202311060101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A182 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6017955146396&version=m202311060101&ct=77&x=1&cor=16910715073142140000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A182 34 KB
20 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BExgztRIX1-Vjw3n-sG4nOgEft925vA-AO3Zk-pZJ0MLPedXsrFKQQBdJuTifr86hhTbHmGZbWoROWiDqPOvRT7u34bBbSC81evGM2lWyiaimFbq9CAS7tIjno524_wSkM_vIW2_uRuNXl3mGB-WoDB8C41_aXIRpzHcRbV17rGfzzMVU&cry=1&dbm_d=AKAmf-BhE5TFFwa0LfZ25WbbXihYloKa-_7LGqacijq52xDQ09xJYtHtkcZfRCzz2xeqAcCyN-FDfpcaNyzKRVQMjH0dTVUVuWKAt1MZ2tUWbg7JscC0fOtz8zbxM2fxcSwpMmPj3oGWaDc5-TfdZJ06cCM9PaNwJhfhn542_NapxbNeVfyR7_gELIBpDknfRHVb8qqrYW7fa1ZQ6bdLcP0-SGPKpFXvupMKnFUBiro2eSkYQNTRXkvQeohrbmRwFxGcx9oqqyMAY2HL1lWPK-prNuj6K6lCN_zqoPF3ronH_uIeR-TmI4v_DybU9srC1dqABYqctldVjJhZdL2IPcVkhoVoee6EhiGAcB5UvqSlSuAvKXYSMw82J1K6fNUPGq45VFlR6anoVXy28KfY_eJc8X7xKMcwpuLFEq1QgmhG3pMTDDVWJvWlRlZ5q4KEk2INEwx9gQ7ltdwbChEklKWq8e1t4kavz4C0StJsJdo4GiCSOOoMywP4kwCng0WxinP2WCpJeWbhozgPh9-L3b-eQVFgixfL5I9Z-3eGXMceklN7Le5GrV1TPi5IyTexkHXOuL9z4GI5PGKvbmc_yBUsZV9dVkE7QyNmnZYsUyrVaSs3wsTuuWBoMrn71zY9zDGg4fp6IWb__Pg37XQXn1Nb3-WLdzCWJkaT1q-oXQpib1GwVoD7UesRSG7WuPTV1Yp4eq0aYctC5NOYI1Ifl9jSr5IBSDePEJg1vw1SVYOH_HgS4EvssFbIF0O0ZZKDDtxsRMseIDWhC-2xtMOlitUpsEWgmSzr10GPvp_vrFKa0cSaRB9m3-I4CQ16Eci-cpW73jP7zI97M3eyaUDPrWs9nFYQHn5QsGhlSONarZ5Oq5D37qeeMkxhlIj1kwfDl1f7FaOUHH0wLPIFNKVFF5RNZEO5-YHNqXiBncZIfGFVPyp2AFuglpVJ4Ys69KnJeBilfg5glk1y5d3iURgf73Q0DczHaTvLCPEnt7H_6qW5CFK9S733cSlZ3tS5V8N2cmgIcnTOczM2gy_8lo0_l7C_PfiYaARRZ1xiNOsF0LkvkaPc77SHcuSMY6HR2cTFWynUfx0f4macqJDLTBSwxRR1_p7bSG9ooY63Lz_uhBxJ6z76voAeOLc8dsb7xBtG8QKMZFHFrbuIQwYUHOOtgD1rNo3Oe9pOdhqbfGg1b4v2dpeFT3VKFcQIiv6x0M4VCX62y5LRwmrWOcuq9GKTJpIJ7mKzXL2_5VfI5wQovwEvxtC0AY0C97et51v0pTE1lISomsZKHORGfNZcmZhC7a-XfMVqyxSd0_LTjP_0jiFbyRfkLYPG05le_QLkSOsr5wcbL7KV8ebVnybAWmMIdlTrBsa1DOvxOGIBLW_VTLCjBs-3uJzN7zP1PT51Dw-oItaxbwuRmLbUUFUTFRDg6NCVKVMPHf5Jh7I01qpFe9DsmvSh1RgXXPste9QhKsxxE5TwDpfZq4QyxUuStjz4zRar071quZZhXj0UUbQTw1FziAxe8ZpNdsalDM3KGTtgSzXSIDXdQy6Lg3CbVORSBI9dqzivTLpzY-OT9U3nQ4aCV1s6cfdo9QAyCzjnh_zM-EZAt6hu8B5XtJ8ASGE5O3q4vJ0Dr6BPwLmzOgFJ7FzXUDA_eDjBumO_AS7IuRcG24BTa3RnWtx54uTmdCb7lqQbrOvj7j0aYTMrnHuquf32kBo9KPfOs1e764Hymj6UZ__hafK9z_zgaWnhIUMSJLcVxNdDlejEJIIdD-_2E-bA-bqO8kGA2zXVZREoq-13V44tVOox7dCRQ0XF05kcTIahkaaZlDpWlRGM06BihIBN-rC2zrvY-PHxtv6GfHsz7EM8c-LOo96NhTjnBFKNn-fcbsJjqSEWIub9tgp1Rr6cwJ6CMX00XWziJ4yCbHYdimpci-qI1jyar16KO8chis4_qye56yGnr8xGjdFZFXopOXrjFxHEx51v7-adVVA_Bt7_IfRXAXGk2MU4oixlkptAbtGp8Nv6NF2hV8SvyQIRVldiISNZCl14wjnwAmVsRFQ9Kf43hBPoolqzonOs8-EEvHZEd9ei7hHoB5Jg0diHeH7ex4vJ7dkP9HZJvD0-QEge6Wmdw8vAGodtzQeoAf2GIqKc9FJwnuS1kas-Vc5XkrK6L9XSqMawciNI8CIHwJA5laSk_WmJyvmjrj7ZrBYngYKsY-LrqQBDQmdJZWyvu30IiqV84RZC3sZD8-gQrzqgwVFAJkF-hX66AJG27OkXPueoN_rRGerCG5JCAB-BrgCFO79RcpKeSa3fzAlbuHcAkAXsQC3_e-uWhU9SP2eFKUElDpNHwlGEZUyGVzW_CZif3pc5SvZdcNf9lJj5JkTEcBqh60mDXhI9eF31iiGILFrkk7_yBkrJLkSvakZoPbk1J_gisEcjB_XdhypZOW09mislW9G1A0Xg2xKmz_P10TnoRTvBr3abrIjPIYZIm321C8JZ_HmzLK9aeROq9bLMVVH-NfI16E81To_xXCSb8aMT5Mwtbhy6QgyG4FDYHzfkeITK2_gtsPaH00AtwkvgTKvsOzzYL-cbBLBeZ1XvTUxrYX8ymttkfhmVWlu9wmsR18ebiEYJJ4Bu-uLrW8BYkWumBIhe0hUtwUMjmkwrtbWvQ_UEWdCQTDFzsDhTf_Sf0VN4FboXmU8SCa4stdFK7wPBHuJgQwJSa0yYCJ9kim40yrY5iXxrZ2HRNvvFT_MsToIMZq0HcGo2oepEVdM8vT46g7wFF2MoZB7UePyy4DO4-SG1ydB9z5oYXY1lWAlDjqE1IO90KwMFAd3ghZYKV2W6mcwX13H1fggEbFZEXEwTjbmQZx0Vol_zXRLibe98NS9J9LLatdrOoxqPNpr8uK5saFhqKzHJeaQJkCnhmog9y2vn6-jyX-15C3SLtMjgQi07H2iaHJ1xaoJGZiEcZ9RH6jqyH4QKtrIZgE7vTHd9GELsY6SObkB7lNMxqrpYmouupMlCVxiZrgZ0NrSJUC3p8nN0f8DPgTgnncsC1wZJ6NFBxAAX75b6iQ0DzgCWLVexnNIRdUyx6SCMIS7rXhAjde4_rLVcrbfOzsK2sxDg9Wqb00ceQeGW_ZqJxEmUDKpurAL3bnB26t9z1sY1eRcNnDfl7Lb3tNBPEZ_e2082onypfCRBSNYXTrACQH8KRTg9Dj3CR0f4RAQ57ytFxD3pLRN1pQxcnKzpEuoV1P-CjYYfoKd2khmvXSznsCrhwCPxqCkFtS4zUvkCNFwGR64mjiEbu1a0Hk9paLe-Z6CXLEVML7-R9RZKlC4ODe7tlkmHKlCkPDEnMltJgvKdFzvfMzqqM2eQad-fOxmys3x9rpS33HXxeZ4SV71SoNxJjf4Pq-0fLOg96fq8h5AN5B-8DJvAGPirCyDe4unSxDNWZB-d13jhoAxCi0QBKjJ74-0QQrGMi3z7mLCQfSUxQRbj4EfNbm2xJS6RSyJaD6zzD75F8eRffOQBpgKNHLWqtAhyM7gqclrRAy5Mcxn55fKsZ5NXBIFBcMubUDkpx1KnPwjBMaB78U-dyrV4WuHDPKEeZOi2-9TiN_YqO-_SWF_CLCW3vGNf2Oinqs6A1TWvE_SuYssfgeKhiHY1Ykn0Y-SW8mHeYupYgyf0Xm-mSMyy0lkNqiqk30Y3Or3X__R5ZNwo2L7SsplfNi8DX0YGQZEMzv7rZVu3OUYIigq8JyS6pjg6lkxZtwZoGpO8eTQ1_RfZi9aNblxAWoPKV22K_AKLvwvFhFTU9gBwe4lyw3Aux03aiayKvglHofg-4njuBsanvvOPFARfD28jw6fUIxCtOYv_ahlYj1-lpKQvScZR5od21rNFjEj29cnQvGPKLumwQgglVH3B0KAH0McecX9fJCtI0rdxty_nLW4dW0MFyLhiipWs5dks6w35Y3IJS5RPREEgx14TN4UZEiZZnYYo8LRE3MvPWGpTxLaKlImEHLmMD8XX9bBC5BUo37YtOo6MfFJtmKpNn-vktIa780BLVi3LcE-vsFHu2NIs2eOsc0Y51TgUd1lCqOfRwnePTBurp3Fo951OJ0O8acYIlWk2B03Er8aSGuaV7qcFnsACd8vMhJ29WRKX7Fhw-kjpuq_1H33YEWavG_R3-G6IKSpwJCxD2vIXCOGowTMKA0_ZUBuRH_Dh8ooXIauiDxAhQRO6rJtt5YtB_L_s-MNZIl19AE5N3NLnGdIlFCy7IKFBOnS-dmBJgmPXmPJpkYnXf5XKYMni7xOfqq32i8P5ckQNgASq-Pk8HR1v_BQ6J7FUm2KfqlBZZPI5KBQ-jkfR8y3WCzMBs4Kw9uoI4BoSOQCbAD5AHFYAAgbrmaTaKKT4pTda&cid=CAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fhot.tinnendoc.com%2F&ds=l&xdt=1&iif=1&cor=16910715073142140000&adk=3944675600&idt=108&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bec913f48cd8d1086e694d76d8ed0c2c1d9a10c39c68c9e64f7f7d6711775c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame AC5C 15 KB
15 KB 94ms
92ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215887538967_1Z0XN4Q5OQHEUQ66ZK&pid=21.2&c=3&w=248&h=131&qlt=90
Requested by: Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 77eaae9bcbed9101f50b7207ad3e396d971da4db2965729d683a533ec4244a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.91a12417.1701597410.d6e44ca
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 14968
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame AC5C 0
650 B 56ms
20ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang&e=wqT_3QLQBOhQAgAAAwDWAAUBCOGhsasGEI2r9-i1mKPoCRgAKjYJMqpXjMB48j8RdEEibJYB8j8ZAAAAgBSuD0AhdA0SACkRJMgxAAAAANej0D8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF47vEFgAEBigEDVVNEkgEBBvQFAZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACZuoCf2h0dHBzOi8vaG90LnRpbm5lbmRvYy5jb20vdHUtbmF5LXRyby1kaS1haS1kaS14ZS1raG9uZy1jaGluaC1jaHUtY2FuLW1hbmctdGhlby00LWxvYWktZ2lheS10by1uYXktbmV1LWtob25nLW11b24tY3NndC1waGF0LW5hbmeAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2APd1-MB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQlJ1SIBQGYBQCgBeDX7Jqrr_7aZcAFAMkFIVccAADwP9IFCQkJDHQAANgFAeAFAfAFoiL6BQQIABAAkAYAmAYAuAYAwQYJJCzwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH7vEF0gcNFWQBJgjaBwYBXqQYAOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=72c12e9c301f5da90a5d2c46c06bdd7c29816d46&bdref=https%3A%2F%2Fhot.tinnendoc.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fhot.tinnendoc.com%2F,https%3A%2F%2F85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
an-x-request-uuid: c3a8567a-3b67-48f0-af07-02e22ae53148
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.136; 178.162.209.136; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 101D 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7290 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8750673179099&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7290 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8750673179099&version=m202309260101&ct=77&x=1&cor=2453386933101531600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7290 34 KB
20 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdftunQx7EmVoahjIu52lPjmHkZVAwRUhSQkaeyCyiy5sv_j7AtVS2UY8uygvTfAaXs-7GgQzPOarGFS5HgAPnkKTM4R7t0GY0oIIUYFPOwcWlk64jfqR0z7fHmEADv6mWkPSjNQk-xwvMyD--eX34dRjbFkteshXlkTiCCW43nHOj2l0&cry=1&dbm_d=AKAmf-AXGHsvJ3Bqy5DmJTUzDuigJ6NBfmjje-sEspdhe9Z-cx3X0YliyqQtSI-Q73cfFDysFfdIPiYHPgQrF7Kof5VSGy_I4X8E6fsLjDKhCPmuroVkPul0UKNUkBM9LKfR6B32eEathgQ0tgRNIHEgVMDO4zXW6Jkvzcv-HOiIM6DEAD8RZ6yDP4lvgkQnwCb-bf6WbCalYRH8wPuwTDVQRz8mBs9nThOWmd-SA6D1F-l5h9H25WdmdFz717L5YdLLZ__LQhUKlnP8FYawmGOtJ3l-9Y1b_Tu0kUnVJ0gQjxTmMWsFR_aP2sbmBJmv00Jpq5DjD07qruvJSfOJw4Yyl6LbrexWrrmPhGxXXCJeNuZPOqNEAfsi7V40Tle8BraLOBrKlskcg5FHKKLuFLzgp8OcV1CAl3q_xRP7apRtbQhU5Vs3MYDb8MEAhMVy2X-mUH5GPrJ5XRbE4Bfy5pbhdjdCaFWvA5dB7frrJCkRqlk2S1UZ2L_5o7dENmN40CsM3tsPR_D_viankffp1TEe_Bv5H_X1r51zHaGHJW19WSLJUpqSzJLj7EpE2FO7JeL2Uvqee9i2GEx1cSf0FGS-TyPDCLtx063qBhq3aVZ_cWISrH_RiQZqWQjur00uHJjAJDfexWzOA4Zoq5DJ0we0UfyIRPCDJUzdoTxZ1_fTKX1APtt-bFXxHEYKYqlnZkDNwTZ-ymiY2irkd94tjQtS2RjIG55qTy6DHMC-eoURh4xMoZkwo9WD6P1YO5IlzIOrwTlLDiwvgmRZ21sq2wFdcsXujkv1ePFmUCagkWB6ZaJUINx5L6Fx3qTZ15Vv1knc90x4WAiT6e3okj2v8V-vt5o1kSEqsIvCCh93nY5xyTPqdzL-xt3d6gNGkrGCGECEeh3rutQEdmjT5EvZ98Zb8JwZf-CNpTQuwV9J0MLqzKG6mwCwTqG67tMnPHxrIkCqGOVYgD674rYK65pdo74oXK1gumGNNxcVsEvgWMKvB_sE6xZ9JFPHrW5JqABlVSd3tnr-DZIdFowyHYeS114fZRzFpshUMPW148Rg8tKOtBlpk_RiAp0gBNLA-xRwfdmyGfs2_aP4zy75FZYerrLDsV480GQJADdnNvE9c_xySykANel9m0vPQUqfA6OtkM9WJwQLCeVXBubNPLza4RD-CMJcLVsEdS7t__Wqt9fS20XR-eqbKt290TmiD1ciE2QGB8uEZ-NjEydx0acI9Yl__4hOTyF1xCTgteS3CUsDGKKOoO81NCsG8vPvjiQQ9mB1V_58qBtsUhdZv9s0sGzjzzhLJTOA7FUHT5e4LuZ96OXhb9fx87JYMND780_k3LPGw8QPbs769snZFAeWYspDGsQR5GZkeofJbXv-RAUsa3v6GNuNkTWX7fi5QzlSjwR_eDkPFnhS-D95bKeSySONt5bzTqrSzf-Nv12dBHr_rS2q0Jo2tgJrxPKxwIaCmdR34uj-C0G9SnYK8rkU_ye00YwhpZ5mVTNcBRZNshkE0l8KhySl1jNPMgYD1n30JeqJdOwl8MgMts4Sf6_Ooc8XJf-xDwvpmz_heidquotP99AQm5tO4ZEj7nAp3EzatMZr7zNFw1l-nipX6sonrOIYxeifBINUSq5LE4-r1Q8grnVDz9sDaUIFtvmvcGhbVUeDK2z7WxVnEeggcQXWjHkLtb5BNp-Jazy_8r_4DbgH80TMYSrJqg33_a87m_2jajkQtCMG8qLGOXj7QphHNIhbjURfemHQE0JsG46nKUWKrX8FqYyUYbCAIGqHMg50VcWCpBMoIY7U29l3GB5MsVC90xFU1f-6khlgCP5YN5mQKYgmk0eQ7ptr_wmAszyxDq51oJ51osc9Dgg9tECIzkoTnFOmihy0tSu1oXvdkCo60cgrzBdosjX-QJOsPTblcxJ4VyOZ-F_Lr1T-X1j_Au-_5dga4MyOwhJ98KcgphkRQZK9au3wuWIKM7L7kXJB0KjItDiiDWB-JI7VWGshDgkY0YVzwzbTAf0HVfE1jJqt0FcWXNB9BRLhKOSaJb9iTWMbkyK9XRZyWEY9EGLXb0kIa_wWKdvozyPvSXhus5uc2z_GoXa6TL75nzeI-AsaP_rdB95hv5OAglBsf7VA2ISJpschVBGPQpDjZDUEe0FF1MLOkduHWVr9v6NYxGS8siV47Tv_k5CWuLDd5n6vcewFy7jKsw7K1GcMV5ckOwpQwQb9bjkfKbYSR534qL5XG9XTDJL1jSCo7ogFcABj5FPUVBqkHXUhtqgzoR8Qozmm6lceQ7J077GCiDfWGwvuarav6VkqV8eI36wcXWHb6BeJCwqqY5UR8XKYF-c17ti_eRRKJYfeylVhra6tSMrvHUzXB0Zj3OZKvx13VounbmY2YgOHPRfEyubJ9WpXVRkTktCU5tsuXiYBeJTcGosP5b9e3nGEX8XqW0nX8U3WlvhjuqKBwqiwMCS55z09RagsttP4f7W63Jlyk8hp5cI5HbI9f5277Ui4w8cBmYY9VlRvzj1clOENxEQotNByDvwP3Db0eCHIgkgcCbvaGx_COVTjTCsx2wJgJykVKM_sDJTF9uTrtzCIaK3smwpR6BRV9QR96b9EANvxCemePNq8smr_JXlyisB69ECh6Lvsz43Bis5FAMjzpk-QlI4ArgoP-y-3T7qDv87813byEl02X4AnYcMgBcidTGILlcvP88RYEfKqx0xU_t0g_WLUWUF0PD3fJlts-3rWycEwbTbkYzmNPYlCNxMB5dMNPeHGdXKKqtUEgpXa0E_ruMjOwCqaKpDenYUI2I_-iqZKOorowhQufsk_67Isw5_Sli4X-fUPsvPIHejuYNYy_R_JmjoxCLNn0rPZpd_oiVy1zD9y6CJDO9WQ7BKjyalLkl7G8w1CCLNo9GZRWUI5gsDmZ89V6zW0Eo6pIFm1irhs9zWTu3sCVexSdEUMfYw7Hy8Dioih3qqJCQ03ChkJYpM_L_0uRvg0PtdZG6QsTdL8QbNlrLwyBG29zSc2tHgBGHYQrRjY-IzFKB1qrqLIi9Y1vsIdzV28XjmWss9GISAJk-JTt8a7a79ax5940-9Xq-gITifDhWN-Ta4qXQRIfFuRDwQamk4_PQWD8xJsP6cJqAaD7nsg3edsGuxuceXSmhFLCbwYheZ58hfcXeQzN1YOWw5oTPCnKdgxsIfAKerPNbLSmWGBr95lC7gZwhydiJBUGjfNns5aCo9sjmD7nNlrDFHRpo0qbVHdnxFO9R869pRN2j_WeEtiaTXltfp4X_tp_UIVnxKdTG1Zt_9kmQXCrE_oIN_tkgDiHoG6euSOhcxtL2ZiM7AbmqqYAMMQd4uFSyAD6I4oJ2Uxhlca_Tne9nnNbrKCsHyHX5GEsmjT-qQrS6tHW_ABHvPCcKaHznwEvq37IAz3XqaL2LLwsaOfmNDY5cZvnUMMZRMl-JbZn9Dihu3TSOxw4X-lkv9ZEkU3X6cmEGLgM5OajpK4454jdg58j5NY8tgNIMoYHE9h4OCWcRuNPNlH1rBVppPfcojoYJCve4X7ywXEIco4o7SuNoKAnTvJjRqM8b_zE2Rrbi_jt3s2kTMDx3uUGU0BDdq8R8xbvmelCg9O1tkhkLfxdBGASBeVQOO6mpgmsiV71MA_bP3BSNtezTfSopPiJMRSBn4TFS2_ulOHc4Rp8910YLdc9W-lG3r71DeFFZlUG-DKVGtz00_8lTHxGCY4yChTyT5umtPfq7CBS9K8pH5Fr1oh7CPBmD3r_ykuk_EaoJcIHjyYlMxxgXc7lwRDF0gK6tflOdnU9LQ-fT7kzCbFrENohCbizdnvW9B2osbgAPT0aH7gA3WT-NuxhEMU0OFCrUPTfz6u-aIy-BtNyMcZicWRgXgvDf_WHZ2vefj5BUUOcYq5zUtKynPIGyxEJqLt69rsNIzKqS4Y_D1AH6NeDL_T51R30bcusX49zp7_tn3doMxCRpIWBlMBjVHJMkjgoaOCxl-k2bYTIltjWPO9JviNEAiqod9oSg3jPLTbsK5GRljx2cwB2vujbvj9e2SdtioiMpTXPvoIdPpjp4mUyAbZysTuUsEMP5R7Y7L4Qs1_0-_-k0hRWomW70PwjMNHHeTSi16uoh4Ps2DRwhMZkjuAZrdTv4ChDHjf0UJSTmdI5UjbYq0vXF9cHHyDxdGR-jjTci8indwyRhCD88R5XcF3QEDn4iFho5YmQJNlsgQmmkZyDn8q74RA8OIsXn0FzDPanrvbl4RAos8QttHiRsf6w9GORESBLUvKuHiBWxUSZTSzgCY9fkq8XcTUaXju8QtPoer3tlt9dUBzCtctcVeomT4NfY_tIGPxsIqhTssdXktDeEl84YER7YY_kCsKuiC5Gjjr5k9owg&cid=CAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhot.tinnendoc.com%2F&ds=l&xdt=1&iif=1&cor=2453386933101531600&adk=1033480531&idt=172&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2701ec7021fe014ebee553978db5bdd52edec511ce1a50425742ca55d429c693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame A182 31 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BExgztRIX1-Vjw3n-sG4nOgEft925vA-AO3Zk-pZJ0MLPedXsrFKQQBdJuTifr86hhTbHmGZbWoROWiDqPOvRT7u34bBbSC81evGM2lWyiaimFbq9CAS7tIjno524_wSkM_vIW2_uRuNXl3mGB-WoDB8C41_aXIRpzHcRbV17rGfzzMVU&cry=1&dbm_d=AKAmf-BhE5TFFwa0LfZ25WbbXihYloKa-_7LGqacijq52xDQ09xJYtHtkcZfRCzz2xeqAcCyN-FDfpcaNyzKRVQMjH0dTVUVuWKAt1MZ2tUWbg7JscC0fOtz8zbxM2fxcSwpMmPj3oGWaDc5-TfdZJ06cCM9PaNwJhfhn542_NapxbNeVfyR7_gELIBpDknfRHVb8qqrYW7fa1ZQ6bdLcP0-SGPKpFXvupMKnFUBiro2eSkYQNTRXkvQeohrbmRwFxGcx9oqqyMAY2HL1lWPK-prNuj6K6lCN_zqoPF3ronH_uIeR-TmI4v_DybU9srC1dqABYqctldVjJhZdL2IPcVkhoVoee6EhiGAcB5UvqSlSuAvKXYSMw82J1K6fNUPGq45VFlR6anoVXy28KfY_eJc8X7xKMcwpuLFEq1QgmhG3pMTDDVWJvWlRlZ5q4KEk2INEwx9gQ7ltdwbChEklKWq8e1t4kavz4C0StJsJdo4GiCSOOoMywP4kwCng0WxinP2WCpJeWbhozgPh9-L3b-eQVFgixfL5I9Z-3eGXMceklN7Le5GrV1TPi5IyTexkHXOuL9z4GI5PGKvbmc_yBUsZV9dVkE7QyNmnZYsUyrVaSs3wsTuuWBoMrn71zY9zDGg4fp6IWb__Pg37XQXn1Nb3-WLdzCWJkaT1q-oXQpib1GwVoD7UesRSG7WuPTV1Yp4eq0aYctC5NOYI1Ifl9jSr5IBSDePEJg1vw1SVYOH_HgS4EvssFbIF0O0ZZKDDtxsRMseIDWhC-2xtMOlitUpsEWgmSzr10GPvp_vrFKa0cSaRB9m3-I4CQ16Eci-cpW73jP7zI97M3eyaUDPrWs9nFYQHn5QsGhlSONarZ5Oq5D37qeeMkxhlIj1kwfDl1f7FaOUHH0wLPIFNKVFF5RNZEO5-YHNqXiBncZIfGFVPyp2AFuglpVJ4Ys69KnJeBilfg5glk1y5d3iURgf73Q0DczHaTvLCPEnt7H_6qW5CFK9S733cSlZ3tS5V8N2cmgIcnTOczM2gy_8lo0_l7C_PfiYaARRZ1xiNOsF0LkvkaPc77SHcuSMY6HR2cTFWynUfx0f4macqJDLTBSwxRR1_p7bSG9ooY63Lz_uhBxJ6z76voAeOLc8dsb7xBtG8QKMZFHFrbuIQwYUHOOtgD1rNo3Oe9pOdhqbfGg1b4v2dpeFT3VKFcQIiv6x0M4VCX62y5LRwmrWOcuq9GKTJpIJ7mKzXL2_5VfI5wQovwEvxtC0AY0C97et51v0pTE1lISomsZKHORGfNZcmZhC7a-XfMVqyxSd0_LTjP_0jiFbyRfkLYPG05le_QLkSOsr5wcbL7KV8ebVnybAWmMIdlTrBsa1DOvxOGIBLW_VTLCjBs-3uJzN7zP1PT51Dw-oItaxbwuRmLbUUFUTFRDg6NCVKVMPHf5Jh7I01qpFe9DsmvSh1RgXXPste9QhKsxxE5TwDpfZq4QyxUuStjz4zRar071quZZhXj0UUbQTw1FziAxe8ZpNdsalDM3KGTtgSzXSIDXdQy6Lg3CbVORSBI9dqzivTLpzY-OT9U3nQ4aCV1s6cfdo9QAyCzjnh_zM-EZAt6hu8B5XtJ8ASGE5O3q4vJ0Dr6BPwLmzOgFJ7FzXUDA_eDjBumO_AS7IuRcG24BTa3RnWtx54uTmdCb7lqQbrOvj7j0aYTMrnHuquf32kBo9KPfOs1e764Hymj6UZ__hafK9z_zgaWnhIUMSJLcVxNdDlejEJIIdD-_2E-bA-bqO8kGA2zXVZREoq-13V44tVOox7dCRQ0XF05kcTIahkaaZlDpWlRGM06BihIBN-rC2zrvY-PHxtv6GfHsz7EM8c-LOo96NhTjnBFKNn-fcbsJjqSEWIub9tgp1Rr6cwJ6CMX00XWziJ4yCbHYdimpci-qI1jyar16KO8chis4_qye56yGnr8xGjdFZFXopOXrjFxHEx51v7-adVVA_Bt7_IfRXAXGk2MU4oixlkptAbtGp8Nv6NF2hV8SvyQIRVldiISNZCl14wjnwAmVsRFQ9Kf43hBPoolqzonOs8-EEvHZEd9ei7hHoB5Jg0diHeH7ex4vJ7dkP9HZJvD0-QEge6Wmdw8vAGodtzQeoAf2GIqKc9FJwnuS1kas-Vc5XkrK6L9XSqMawciNI8CIHwJA5laSk_WmJyvmjrj7ZrBYngYKsY-LrqQBDQmdJZWyvu30IiqV84RZC3sZD8-gQrzqgwVFAJkF-hX66AJG27OkXPueoN_rRGerCG5JCAB-BrgCFO79RcpKeSa3fzAlbuHcAkAXsQC3_e-uWhU9SP2eFKUElDpNHwlGEZUyGVzW_CZif3pc5SvZdcNf9lJj5JkTEcBqh60mDXhI9eF31iiGILFrkk7_yBkrJLkSvakZoPbk1J_gisEcjB_XdhypZOW09mislW9G1A0Xg2xKmz_P10TnoRTvBr3abrIjPIYZIm321C8JZ_HmzLK9aeROq9bLMVVH-NfI16E81To_xXCSb8aMT5Mwtbhy6QgyG4FDYHzfkeITK2_gtsPaH00AtwkvgTKvsOzzYL-cbBLBeZ1XvTUxrYX8ymttkfhmVWlu9wmsR18ebiEYJJ4Bu-uLrW8BYkWumBIhe0hUtwUMjmkwrtbWvQ_UEWdCQTDFzsDhTf_Sf0VN4FboXmU8SCa4stdFK7wPBHuJgQwJSa0yYCJ9kim40yrY5iXxrZ2HRNvvFT_MsToIMZq0HcGo2oepEVdM8vT46g7wFF2MoZB7UePyy4DO4-SG1ydB9z5oYXY1lWAlDjqE1IO90KwMFAd3ghZYKV2W6mcwX13H1fggEbFZEXEwTjbmQZx0Vol_zXRLibe98NS9J9LLatdrOoxqPNpr8uK5saFhqKzHJeaQJkCnhmog9y2vn6-jyX-15C3SLtMjgQi07H2iaHJ1xaoJGZiEcZ9RH6jqyH4QKtrIZgE7vTHd9GELsY6SObkB7lNMxqrpYmouupMlCVxiZrgZ0NrSJUC3p8nN0f8DPgTgnncsC1wZJ6NFBxAAX75b6iQ0DzgCWLVexnNIRdUyx6SCMIS7rXhAjde4_rLVcrbfOzsK2sxDg9Wqb00ceQeGW_ZqJxEmUDKpurAL3bnB26t9z1sY1eRcNnDfl7Lb3tNBPEZ_e2082onypfCRBSNYXTrACQH8KRTg9Dj3CR0f4RAQ57ytFxD3pLRN1pQxcnKzpEuoV1P-CjYYfoKd2khmvXSznsCrhwCPxqCkFtS4zUvkCNFwGR64mjiEbu1a0Hk9paLe-Z6CXLEVML7-R9RZKlC4ODe7tlkmHKlCkPDEnMltJgvKdFzvfMzqqM2eQad-fOxmys3x9rpS33HXxeZ4SV71SoNxJjf4Pq-0fLOg96fq8h5AN5B-8DJvAGPirCyDe4unSxDNWZB-d13jhoAxCi0QBKjJ74-0QQrGMi3z7mLCQfSUxQRbj4EfNbm2xJS6RSyJaD6zzD75F8eRffOQBpgKNHLWqtAhyM7gqclrRAy5Mcxn55fKsZ5NXBIFBcMubUDkpx1KnPwjBMaB78U-dyrV4WuHDPKEeZOi2-9TiN_YqO-_SWF_CLCW3vGNf2Oinqs6A1TWvE_SuYssfgeKhiHY1Ykn0Y-SW8mHeYupYgyf0Xm-mSMyy0lkNqiqk30Y3Or3X__R5ZNwo2L7SsplfNi8DX0YGQZEMzv7rZVu3OUYIigq8JyS6pjg6lkxZtwZoGpO8eTQ1_RfZi9aNblxAWoPKV22K_AKLvwvFhFTU9gBwe4lyw3Aux03aiayKvglHofg-4njuBsanvvOPFARfD28jw6fUIxCtOYv_ahlYj1-lpKQvScZR5od21rNFjEj29cnQvGPKLumwQgglVH3B0KAH0McecX9fJCtI0rdxty_nLW4dW0MFyLhiipWs5dks6w35Y3IJS5RPREEgx14TN4UZEiZZnYYo8LRE3MvPWGpTxLaKlImEHLmMD8XX9bBC5BUo37YtOo6MfFJtmKpNn-vktIa780BLVi3LcE-vsFHu2NIs2eOsc0Y51TgUd1lCqOfRwnePTBurp3Fo951OJ0O8acYIlWk2B03Er8aSGuaV7qcFnsACd8vMhJ29WRKX7Fhw-kjpuq_1H33YEWavG_R3-G6IKSpwJCxD2vIXCOGowTMKA0_ZUBuRH_Dh8ooXIauiDxAhQRO6rJtt5YtB_L_s-MNZIl19AE5N3NLnGdIlFCy7IKFBOnS-dmBJgmPXmPJpkYnXf5XKYMni7xOfqq32i8P5ckQNgASq-Pk8HR1v_BQ6J7FUm2KfqlBZZPI5KBQ-jkfR8y3WCzMBs4Kw9uoI4BoSOQCbAD5AHFYAAgbrmaTaKKT4pTda&cid=CAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fhot.tinnendoc.com%2F&ds=l&xdt=1&iif=1&cor=16910715073142140000&adk=3944675600&idt=108&cac=0&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 23:19:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A182 41 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTU5NzQxMDE0NjcwNgogIHNlcnZlcl9pcDogMTI2MDY1MDgyCiAgcHJvY2Vzc19pZDogMzAwMzU0Mzg5Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame A182 0
836 B 90ms
51ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTU5NzQxMDE0NjcwNgogIHNlcnZlcl9pcDogMTI2MDY1MDgyCiAgcHJvY2Vzc19pZDogMzAwMzU0Mzg5Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogMzU2NDQ1MjA3NzU0MzUxNDQ4MgpkZWJ1Z19rZXk6IDE2MDExMTcyNzQ2MjUwMzY5MzE0CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wMyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMyNzY4MTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNTc2OTczNTMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExMTE3OTk3NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjAzMTc3ODM1NjQKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0NjcxMDAwNTMKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZnIiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLnBsIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x2ffd0adc348721a90000000000000000","13":"0xc7a76f7d5fbf54290000000000000000","14":"0xb6197e3590f572b10000000000000000","15":"0x14e59798ad1f31240000000000000000"},"debug_key":"16011172746250369314","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"3564452077543514482"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4951
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CqxSF4VBsZZO2Eaak1PIPk82ouAiEpPOhc-eq99jREYXdo6fZAhABIJzO83tglfKLgpgHoAG8g7b8KMgBBqkChxZyOYpCsj6oAwGqBKYCT9BKyVL-_7m-rKlDxa6T6_Sy-cG8Co28Fw1p...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210807751212502091432%22,%22debug_reporting%22:true,%22destination%22:%22https://qonto.com%22,%22event_report_window%22:%22...

0
0

99ms
49ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210807751212502091432%22,%22debug_reporting%22:true,%22destination%22:%22https://qonto.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210998350268%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227216537059207594737%22}&andc=true

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10807751212502091432","debug_reporting":true,"destination":"https://qonto.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10998350268"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"7216537059207594737"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 09:56:50 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10807751212502091432","debug_reporting":true,"destination":"https://qonto.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10998350268"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"7216537059207594737"}&andc=true
access-control-allow-origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 4951 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHOSWyI2-RN5u2-e8G9ZOn-dACqMI9rF5I0VShs4YMEPYBn6fVlu4ug7RhW-0hRsn7ZBvvsBRnBs6h_Z_kSOgK0qcco1t2uuTLUxmfYM760RJanI3BopW0pugAFSDx5Pbo0PkSttMHSu8RzCURN3e-Hh9oNcQKXfHbdLmP4y2sVb7Hkl8&cry=1&dbm_d=AKAmf-BNnVjLU0s5LHTz_AqPlSvv-gqUa5OpviVFl_tYk_01zOoPX4AsXX3Y_m16nW7JGsdTTTFM751985UU_vHe_0xZqWVu-NPBvQsRG1EAC1cpkXHasuVmloSEGrTVA2O7-YyXD2tfPSYpAKKthEOmGAsSqp254rCFv8bnC11R38OAQ4q0mIpPc126y3aBQLlyfocW1-bZqh9zaFBzjWPrLPIQxK5pEIkth8hBdj9LACg4L9gtm_WaUM6bEWHkguM0VkUowk4lS6XshbAfxAgygWmvYheYTsywN8XsIHnWdZBkis3AloNPmTTnMH31-RPmU7m6ui3IgtWPOXVeq6jwUOnxUucjjrKRFZ3OirzpHSLkptNkWPwAwd18xtqpWbhOjtCOSAX0J6Ep4M9wuqIniINCdNlXLPv0AFslwyuKPOMOike8g8U84QsGiz58TPxkH0HKGfhoFpzJVuelfwBLdH4ilXnfcNZ6IphXkFRgLyhesiAerzGBG81-IUrz70OEQk2nV0lODYvqGZtOvRG4TQ_NTScYwQnmHPOB9PlytLGnK1yvgj72A_yc1rjbA6HDx1uCAKfxDsyskH1ZtCotOEhBdpysFlckFnX-VRj-fpV2NYb-WR9DhL0Qxd5MzwEhIcOMvruhrBmDRZUa-e3zzB50oN7j6ACLZUXcRF-_SMBVTLM4r1UYJGtALpxYm93TMi1bsvJx-VXkqff_bhOVykHbSIg1RAE1mLdzY9gH1zwcgG9ls6WqpX_wj0aVV1Z-g1X-CAn-h6ZLvcAvIyNEZUFk_qKCCMwpM5j2CSJ0i0OrD4-IXhjCFvKlrjE94rBQa6IkUUQAS1E1s9k1uq7zH6VL1knJWcXd4venKlWVDymzgH1V5_cMRg_IXSqHut9zm3WzjC5ahwBC6f8wo01QsEX_ZS3VSaGV8v2fwbAUfD3F_I_iDflFvB6geH0u-FvoQ11kHWW9kExx9gFv9x7MLj68HTWQm7_JxUMmBx8t4Zsbb0AyPL4V3ggY9mfs5i8CGjNvMSFjLrZnI_cdDaIVRKQ6vVw12xhRXuhWzFyk-C_DsCgI-qG01sdfN0iqdbyrPb2TppWpqQEs5aOisoK9JvBHZa9wQHMFs_MNTPuMaI_KvsNcxjrqVaU046MeFoDaPnVFguZIH5vs_mbf-eJFLyNSN0vo4OLY_jheHWtScl6pK2X11roJDdWNzwp1_7N-KzJSiQ2_64vojzCQw8wI9uiiVVUKdRrZ-HD5X6MJlyF2vKV-nXcsUYeVpiIIjH60XPK8dg5sJvDFU3U9poaZNCgxFWNBS1QK83cCtMTYJSSBz83wwzym9Y73V43FE3VfaAIzr2SNFdhnO5SRZmd4_GORCQ9Njo3olT4ttL2nWHTaXLwURcKRidOdHWZ5ngFSHIK0mp0dLQlO7B3Aolgt0DKKOtYqL_030HCnzvfTqtX6qm3J_Yp2Fu-r1z-7aYK_3rT72ESWhZ7wf39RNC3c1RBNtVgokvXKHNEgSRfgxpub6_Q09DbJDe2etxTBwokZH3aff754h5S8GkK1vMS13RzPkhmlzrYW5nYIoFmH7a2-v0AAJqo1GIYg2g7qFPGd92SSMMfCt551nbyHZuyQ1atxX7gpDrCKelYtg8xyPasHtJJ_ZvoAzk3nLA8c7_Ee5ieKaXtxNvjEOJb5M1rVJEP_3sK8X1fTq-no8CP6VyVwi3zVkO6KbjGXHKmfBbBGQ8OFCc8uiAvaeDsEJLtvmDujPMazWw-bt5vIrxIY7EPpcSko_6SGkVl3SOasBVAsYAywncUvD5ceu56BUeunPXLg8tfUfzsKsKQdniC-Z7_aVH5Pxii2LZ7X4ScqG44Rm-xQ5dafhhtaLMPEN1j8LnX0LlX1Sjxqfkjq2SQ_JSXy134tFm0M3ITmsg3w31Rh7l6KWV96w-L_4wP9y8BXeOonV_Iuo0NmNXlcFZ7U1xNj7PooCuuZFb5x2echv2rSKZWbxr0MkIAOav3lWZLNGxEQ5Ilpt9IXEHq0qQ4Rmqc4GSCymFX93767zjzZ-l65Vo01sNsm9HZm9TF6FF8Khotm9SPbm_2duvOrgNkYflzkp697HTPe2wz-c2lk30nwxn0mtFWeNiTBkeWilSCdvbRBPI-uGTmrDxKZKcufXddiiDqUg3P5Rc6oLNlIqtO6zipibfeWGgCs_QdgIb9dlo-F68lsf8_GscbFuinGt--z_6FssAxZpSX_2lIFmlD5mBZ9LvXIUBExNOedqA9X299xGrh76yKX4VClAPBsWCQNreyLdkm7ovOaKVGHiS4_5ixFUBGgQ0cui56tLncOS5Q3z17S6tT6VrxaYsi-KTTqkFNuzkYqkMTI7Y0q6phCb-tr3tIx3vU-wQFATs-khw-alyQZPSARxEniRCW860ZN6XIpy_6U8S-ZvE-Y8c9GA5zchl31u6TLbWPw6y0B_sEFOQhru-yh2yoFIqs8X64XgFjjCN1ZN95LwxCQJnYKvaap4p4qq5uZgixUHVOoAaVgFkXFlZfiLMl0SalSmqACeS-wbenCWfsyQtexQcDiuFPM6g1-UIiQ3g7yNslO3yWvtWk8TjGC_6x9LSnmh8zFrGKybZvwSzhCOoaiPsgf9oodHdV4qbedar-VpMSUmcW3A45OGT5z2DSgXvupTlaplbLJVpDPMnRavBqMe729scHUQgEx146G0m8Xrnu30ERvNIQ9zCxDV3m0o0eX7RPS0RxGyfKg8mf3U30Fohe-SNCrpIkUEPkJgdElIx6sTV9eAykAkien6IFZ5AwU5GDFc0iF3Gsn0KT91CgtllrNL1i7fXg4ixzHg8lnkbz44uFotqxAeL9RnpGk6nr8xVRkWnjLmf0FjWGb8F-6LTIbJDXlfELl3cEKgcF-X1PanvR7-fQSszwKLF4SvAJvr2pwvTnXWScEptQjfDpaVNsNAcdeFRZ-gAcFfYiUSS22lKMGKT-N8soRROZMqIRi-jrbWCOPc_a5bEUU-s0NSEn-qxPKyFVUKjcCrm9-c0K9AhUEZlLYj3Zq-YQFMEVh3b9QLdimpGYuuRbIZzuUmxNVkH98GOSJSNpXFajwty2D8pDDzFjaMfq7GkfeZsmYCAPQ8_ZvsGH6OnL9pFcqJ26YMyefSg74ZnPcNpvaP4IPsNyky3LQN0PUz-leuxo48YF-POW8q61-Fl06YYH_CCLrCRiIK2HUI3yRaLoWEjwpBV3-gML4A250lwGfGiiNS9mhRhiQOQg3x4vKLKccQdkx368SwcUGpm3BpBZftF6O5tVGfDdq-pYJaTgRz7Rp4igsd-LoY3oxki1mX_G0diHyfGdOLZUqK69O7VCEjtf8ZQivYerfsNiutkU3K8VMvqWJ0j5mAbpU4zs3okFpS_xaRxS6gJC87uxvJrygF_QRRz5HTCu5NBNWqM7WsB1cy2h795esHX_1pMKHZqGDVxaAuFvuTWOtD33_wFjBCkXvQja1QmPleR2lW5Fn4lx1KpGlMQhtg2Was5JWQZi_M3QkkdEfPTULLcVWNALdLB8dzrXL6xpt-uOTtqMGQasfzqL4hO2UlUK_QSSdBKHa5JmCisfnNapgAxmuzw_ESBW80hPghHUHuSyqNuPE7wx550CJLdImR2z7rYW0XZlMXENj1sYYrV4Ij-8p1S8JYpb1GkQRTTYYWpMJex0FcsxiGrFCJGNKAngd_Kijj8Oi5S9lO5bal8D8ZTrbG4AcHfe5pT9j-5oFOOSXBZ7DWDU4isewH18TTIGRNoEZZwTd_xpALwJ6t7EuGEW5qw6a22jl3VRo3nUZymexaIinKzRCjeeZnOF5xpZefph-9Xyi3mOhTMaQCfTos5nkhT3M-aDg54kVeaYe25RiPwgucILOyl050bNj2k5zHdWoOaZi7Rjz4bI7gVV1UCEVpHDgCB7Ts3BEIhMm6yDWv75s_Zg5aIdQUTPNUgemty3AZefIadoXDRDgh6zIRL-GUMvpe9rKrz7YKb_VtfsiTJdlcs2Kpmqh95vXlzbNl9OTmZym9h1c33jY0r4Huuty1OHrL4NIJoet2vf4rwYKeRDRv0GHolXZo44X65hH9jcIyxDTp5XO3Hqhl612SyyGXGMlFRUcG8moSuVtJznEJtHbR9gmPICCahknAaFX74jbeNNzbMDp1cdIO186y1UQV6gOroS4rB0i6r38nAoe3w98sP9KM46Z1-QouOo2K8r0hte001GrUj9fYVICbrcmkPPKkQXxgDGnWSjpSsKaud5W4Ox3gNjDiXXOAMb0A5_m_P6BcJVvRScETCkpBM4kjBlyjrzOIKkNPOSt4y7xFbb2Q9NkfsrEdGWsApUWLSbwAMfw5eyYms0O9-qfSKUJLF7WoPCfFk3bO0klGyOT-TAT30fyvqmXFJoLe2uNVvM11gQCPCb2rnoOjSmWweQ2BBOxy6NMMuQhth5e5mOQ-0mieRvhUbgvLTiCmwXvqqK3AUehug_lylHApEM9v5U2LIJguuc2cOHHCaYocflsiOTstwY9HkLxSzPIojy3fhQO4lgwreqo_XRRyzy3EWp8SzXY-szGyFOVEx8uW_tY7yStKHWy0U28VcFXDwM_JKPk7gXsdcHr0flZ0sZ5JikNSrLKfdzmOpFNnopbAaYTeWrLGw4Qxm4jqUuF4-LTqlBciPlTDEQToG9-RgCufXfuHrA76_SxZ-YwwZlKyUZdHbf_7oXLTpP6gK1z0uQTT5697wUvww-qY4DDfDAYOIOqdlM3Z0xgsOSz8akhsA&cid=CAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB&dc_exteid=31388931936819229150988046444863626&dc_pubid=4&cbvp=2

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 98ms
48ms Preflight
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CqxSF4VBsZZO2Eaak1PIPk82ouAiEpPOhc-eq99jREYXdo6fZAhABIJzO83tglfKLgpgHoAG8g7b8KMgBBqkChxZyOYpCsj6oAwGqBKYCT9BKyVL-_7m-rKlDxa6T6_Sy-cG8Co28Fw1pggHek2KxI672hP-rUy1HnehVHGKZB3wvhjyn1c9J83tE-wL_SwttFdI_WAafrDbvr9D8GU9WjyJkUOwGXZ47Dr3RYaSZMzYWAluuwqqlP9c-jrhKQJYcynFhBfXBw09zD4QG0_KPHzMEa8JNBLV-iFlNMZaE1H_3Mp4A-X1A_vAB8Zb2aXPQYUt_yVqDBkWFT79jQGlt5SLoqDq7sInM42BDR3Fn6venB31Fo81WRAvUxyQogRA8DHCAtKuyHgxHG9-NExy9u7aXTxnsDPbl8QbLs4A6XYn_-RglKd_xnuClC4CSuvtUkGfgrL-uNZC7Ql5zyhZ394VPs37F8Blp_3u7BtIga9Q-hMeUwASOxemdjQTgBAOIBYy1y5xFkgUGCAMQARgBkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAe8u4bcA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKEIOZIRjlxvzzAdIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYpdCDqYDzggOaCcYBaHR0cHM6Ly9xb250by5jb20vZGUvb3Blbi1hbi1hY2NvdW50P3V0bV9zb3VyY2U9amVsbHlmaXNoJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249ZGVfcHJvc3BlY3RpbmdfZ2VuZXJhbCZ1dG1fY29udGVudD1wcm9zcGVjdGlvbl9jb250ZXh0dWFsJnV0bV90ZXJtPWltYWdlX2J1c2luZXNzLWFjY291bnRfbmF0aXZlLXY0LTEyMDB4NjI3gAoDyAsBogwQKg4KDOS0sQLutbECtbixAuINEwiLyoSpgPOCAxUmElUIHZMmCoewE97M3hXIE7WkreED2BMNiBQD2BQB0BUBgBcBshceChwIABIUcHViLTEyMDMxNDk1NDUyMjQyMDgY-OR1&sigh=QHTb3TQYMJ8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB&template_id=509&vt=10&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 09:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4951 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7ad0129c0a5caa342938aeb746f2381a8a4a0517f7de4cf74445040c35deb9a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bg Show response
ads.revjet.com/ Frame A182 43 KB
18 KB 130ms
40ms Script
application/javascript 65.21.20.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.21.20.220 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.220.20.21.65.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Sun, 03 Dec 2023 09:56:50 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Sun, 03 Dec 2023 12:56:50 GMT

GET
DATA 200
OK truncated
/ Frame A182 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 347a1056239fa107b858d51b0a3f435d1803b27b262c08463a414047294146a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=2311482636732164&bg=!fn2lfTLNAAY3kmNgF5I7ADQBe5WfOPlFZTgm8nJWukgF2mvIMBJ-4h8mRxHUp6JNYH-RaLa6-yhjwM038P7klbsMK-zZAgAAADlSAAAAAWgBBwoAyApnacKrIi1Z-EPxAh3j8vUSeAJoCC_KUF_M43-TBxhw2dGNk8mGPt_rEgVRWhoI9tnVoirLNpVmt6Sd4YZj7h4ZAdmr0awTAklAD0LoPW6ejNqFugvC5Yv-ZLuq4nIFyid9yUnxbzwBzhftmIcwW6Grdhee1_VQSHs1H0H9-G8-BSmxlEJh-_sY7yYi602cltZVz67SYjCR2MXDTPdIkvMYmiKn29wp8yJsr0kjeG55moPgBPwPLMrOixSwdCzV_ASlPprGee7-mQLBijmnLQdzI2nejUG1F2v90et2Jxb2qFUfiWOjn4Cf8JHcpx4HRM7IuH7k-LU0Cl9YnHnS1QPpcoXi4ZOCFvwj9oSqJ3-Pz4oUxzHu2KgnyklxWj8AvBCwxUvjFVR5CHYjmsDZTKuv0LryxpnxnOaL4dydIFY4AHmVxdkziw5nzFcXNLYNmSE_aVfXIQJoEeLB8rJLlZk9yD5l-kGkjp01ta4hW2JuZh9XTnwwm_MHsXjKszvA5ANMJ2g9mWfEVgZ47uMstVqvfYrzvoM5HK18X1uj2F_ns6J8n3HFL9FHzkTpMXz7UJ_3UUtvD679TXbHyywkKmB_ndfVPHMIJlBXT8FFajxO9PH7PsXkqqiEk39GHfOd6XhGyB37ledQ7TY2SJmzOjItnQIv1iy1GQ1ikULfg9nVlq7a7BACevhrVpRKwdyWNlULGwIqNbpV_8ERzUKwrTnng3J9SqF__x-8p0e8ooChHkjx7dce8OBEvIrfH_b1bQ3EGiJV0W40eAAJZXmB70WHI1D0FoLj5pul1cbe3jUAdidm7zbNCis949ePGhiYDXdaCf_6MmZwH6iBd0icejGwtDxHrI81FUxMqGeOwCxro7G-Pu6ef5Mg33KaL216_cU8melqNKElcCXvFDO0z5YrLpMwQ5iQQ6E_f-_aOhUsZwZiIAZj-QNtdgr_9m6CVGIvxGVXpvd6PAC_1a6moJiyE3AF_6XdRMtO_mLFuGYxUUfhk8wlq5xhZuDGUrmSej4kxDQq0eiNZgRmG3arNDduOSD3GvA2ILJQcFCN4fCnF40D-38T3hDrlVyJcHv27b_W5dpPha-Qz7-6mzcvmhs-59tqLcIzKFNUz5H8AYh0TN8Wule6-I-WWpZfrqmCCdHsIYs5BGbeTaB2cKuu_j_vAC_2vd6sDB9FMqfA1V1BK0kQZzRK5Cgmb5mO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame AC5C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68c2aca7089ad165c8fcda6fe5ebdb0eaa04b59334561431e69cc574e2346eee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame AC5C 0
699 B 14ms
14ms Ping
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang&e=wqT_3QKCCOgCBAAAAwDWAAUBCOGhsasGEI2r9-i1mKPoCRgAKjYJMqpXjMB48j8RdEEibJYB8j8ZAAAAgBSuD0AhdA0SACkRJMgxAAAAANej0D8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF47vEFgAEBigEDVVNEkgEBBvQhA5gBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACZuoCf2h0dHBzOi8vaG90LnRpbm5lbmRvYy5jb20vdHUtbmF5LXRyby1kaS1haS1kaS14ZS1raG9uZy1jaGluaC1jaHUtY2FuLW1hbmctdGhlby00LWxvYWktZ2lheS10by1uYXktbmV1LWtob25nLW11b24tY3NndC1waGF0LW5hbmeAAwCIAwGQAwCYAwmgAwGqA64DCskCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Y2Y2MDdiODUtMmFhMC00OWYxLWFhODYtODgxYjQ5ZjlmZjRjJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWNmNjA3Yjg1LTJhYTAtNDlmMS1hYTg2LTg4MWI0OWY5ZmY0YyZydHlwZT1udXJsJnRhZ0lkPTY5MzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmFxZV8zY19wMmZfemJvdnlyJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhI3MDcyMTk5MTIyMDU5MTU1MzMiCTM4MTg0NjcxNCoEYmluZzo0VTJWaGNtTm9RV1FqTnpJMk16WTNNall3T1RrMk56SWpOekkyTXpjeE5qSTRNelF5TmpRPcAD2ATIAwDYA93X4wHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXg1-yaq6_-2mXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWiIvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAABimTgBgHyBgIIAIAHAYgHAKAHAcgH7vEF0gcNCWF2AQEBJgjaBwYBXrAYAOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=7ddf75ac418c1af49e8048ecfeb5bb0668462942&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=300&bh=158&sid=4010397161227609609&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6933&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
an-x-request-uuid: 4399a878-f605-4f03-a0d9-5701cbf8e544
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.136; 178.162.209.136; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 101D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
21ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:50 GMT
expires: Sun, 03 Dec 2023 09:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9E4F 38 KB
13 KB 14ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 04:08:03 GMT
expires: Mon, 02 Dec 2024 04:08:03 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 7290 31 KB
12 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdftunQx7EmVoahjIu52lPjmHkZVAwRUhSQkaeyCyiy5sv_j7AtVS2UY8uygvTfAaXs-7GgQzPOarGFS5HgAPnkKTM4R7t0GY0oIIUYFPOwcWlk64jfqR0z7fHmEADv6mWkPSjNQk-xwvMyD--eX34dRjbFkteshXlkTiCCW43nHOj2l0&cry=1&dbm_d=AKAmf-AXGHsvJ3Bqy5DmJTUzDuigJ6NBfmjje-sEspdhe9Z-cx3X0YliyqQtSI-Q73cfFDysFfdIPiYHPgQrF7Kof5VSGy_I4X8E6fsLjDKhCPmuroVkPul0UKNUkBM9LKfR6B32eEathgQ0tgRNIHEgVMDO4zXW6Jkvzcv-HOiIM6DEAD8RZ6yDP4lvgkQnwCb-bf6WbCalYRH8wPuwTDVQRz8mBs9nThOWmd-SA6D1F-l5h9H25WdmdFz717L5YdLLZ__LQhUKlnP8FYawmGOtJ3l-9Y1b_Tu0kUnVJ0gQjxTmMWsFR_aP2sbmBJmv00Jpq5DjD07qruvJSfOJw4Yyl6LbrexWrrmPhGxXXCJeNuZPOqNEAfsi7V40Tle8BraLOBrKlskcg5FHKKLuFLzgp8OcV1CAl3q_xRP7apRtbQhU5Vs3MYDb8MEAhMVy2X-mUH5GPrJ5XRbE4Bfy5pbhdjdCaFWvA5dB7frrJCkRqlk2S1UZ2L_5o7dENmN40CsM3tsPR_D_viankffp1TEe_Bv5H_X1r51zHaGHJW19WSLJUpqSzJLj7EpE2FO7JeL2Uvqee9i2GEx1cSf0FGS-TyPDCLtx063qBhq3aVZ_cWISrH_RiQZqWQjur00uHJjAJDfexWzOA4Zoq5DJ0we0UfyIRPCDJUzdoTxZ1_fTKX1APtt-bFXxHEYKYqlnZkDNwTZ-ymiY2irkd94tjQtS2RjIG55qTy6DHMC-eoURh4xMoZkwo9WD6P1YO5IlzIOrwTlLDiwvgmRZ21sq2wFdcsXujkv1ePFmUCagkWB6ZaJUINx5L6Fx3qTZ15Vv1knc90x4WAiT6e3okj2v8V-vt5o1kSEqsIvCCh93nY5xyTPqdzL-xt3d6gNGkrGCGECEeh3rutQEdmjT5EvZ98Zb8JwZf-CNpTQuwV9J0MLqzKG6mwCwTqG67tMnPHxrIkCqGOVYgD674rYK65pdo74oXK1gumGNNxcVsEvgWMKvB_sE6xZ9JFPHrW5JqABlVSd3tnr-DZIdFowyHYeS114fZRzFpshUMPW148Rg8tKOtBlpk_RiAp0gBNLA-xRwfdmyGfs2_aP4zy75FZYerrLDsV480GQJADdnNvE9c_xySykANel9m0vPQUqfA6OtkM9WJwQLCeVXBubNPLza4RD-CMJcLVsEdS7t__Wqt9fS20XR-eqbKt290TmiD1ciE2QGB8uEZ-NjEydx0acI9Yl__4hOTyF1xCTgteS3CUsDGKKOoO81NCsG8vPvjiQQ9mB1V_58qBtsUhdZv9s0sGzjzzhLJTOA7FUHT5e4LuZ96OXhb9fx87JYMND780_k3LPGw8QPbs769snZFAeWYspDGsQR5GZkeofJbXv-RAUsa3v6GNuNkTWX7fi5QzlSjwR_eDkPFnhS-D95bKeSySONt5bzTqrSzf-Nv12dBHr_rS2q0Jo2tgJrxPKxwIaCmdR34uj-C0G9SnYK8rkU_ye00YwhpZ5mVTNcBRZNshkE0l8KhySl1jNPMgYD1n30JeqJdOwl8MgMts4Sf6_Ooc8XJf-xDwvpmz_heidquotP99AQm5tO4ZEj7nAp3EzatMZr7zNFw1l-nipX6sonrOIYxeifBINUSq5LE4-r1Q8grnVDz9sDaUIFtvmvcGhbVUeDK2z7WxVnEeggcQXWjHkLtb5BNp-Jazy_8r_4DbgH80TMYSrJqg33_a87m_2jajkQtCMG8qLGOXj7QphHNIhbjURfemHQE0JsG46nKUWKrX8FqYyUYbCAIGqHMg50VcWCpBMoIY7U29l3GB5MsVC90xFU1f-6khlgCP5YN5mQKYgmk0eQ7ptr_wmAszyxDq51oJ51osc9Dgg9tECIzkoTnFOmihy0tSu1oXvdkCo60cgrzBdosjX-QJOsPTblcxJ4VyOZ-F_Lr1T-X1j_Au-_5dga4MyOwhJ98KcgphkRQZK9au3wuWIKM7L7kXJB0KjItDiiDWB-JI7VWGshDgkY0YVzwzbTAf0HVfE1jJqt0FcWXNB9BRLhKOSaJb9iTWMbkyK9XRZyWEY9EGLXb0kIa_wWKdvozyPvSXhus5uc2z_GoXa6TL75nzeI-AsaP_rdB95hv5OAglBsf7VA2ISJpschVBGPQpDjZDUEe0FF1MLOkduHWVr9v6NYxGS8siV47Tv_k5CWuLDd5n6vcewFy7jKsw7K1GcMV5ckOwpQwQb9bjkfKbYSR534qL5XG9XTDJL1jSCo7ogFcABj5FPUVBqkHXUhtqgzoR8Qozmm6lceQ7J077GCiDfWGwvuarav6VkqV8eI36wcXWHb6BeJCwqqY5UR8XKYF-c17ti_eRRKJYfeylVhra6tSMrvHUzXB0Zj3OZKvx13VounbmY2YgOHPRfEyubJ9WpXVRkTktCU5tsuXiYBeJTcGosP5b9e3nGEX8XqW0nX8U3WlvhjuqKBwqiwMCS55z09RagsttP4f7W63Jlyk8hp5cI5HbI9f5277Ui4w8cBmYY9VlRvzj1clOENxEQotNByDvwP3Db0eCHIgkgcCbvaGx_COVTjTCsx2wJgJykVKM_sDJTF9uTrtzCIaK3smwpR6BRV9QR96b9EANvxCemePNq8smr_JXlyisB69ECh6Lvsz43Bis5FAMjzpk-QlI4ArgoP-y-3T7qDv87813byEl02X4AnYcMgBcidTGILlcvP88RYEfKqx0xU_t0g_WLUWUF0PD3fJlts-3rWycEwbTbkYzmNPYlCNxMB5dMNPeHGdXKKqtUEgpXa0E_ruMjOwCqaKpDenYUI2I_-iqZKOorowhQufsk_67Isw5_Sli4X-fUPsvPIHejuYNYy_R_JmjoxCLNn0rPZpd_oiVy1zD9y6CJDO9WQ7BKjyalLkl7G8w1CCLNo9GZRWUI5gsDmZ89V6zW0Eo6pIFm1irhs9zWTu3sCVexSdEUMfYw7Hy8Dioih3qqJCQ03ChkJYpM_L_0uRvg0PtdZG6QsTdL8QbNlrLwyBG29zSc2tHgBGHYQrRjY-IzFKB1qrqLIi9Y1vsIdzV28XjmWss9GISAJk-JTt8a7a79ax5940-9Xq-gITifDhWN-Ta4qXQRIfFuRDwQamk4_PQWD8xJsP6cJqAaD7nsg3edsGuxuceXSmhFLCbwYheZ58hfcXeQzN1YOWw5oTPCnKdgxsIfAKerPNbLSmWGBr95lC7gZwhydiJBUGjfNns5aCo9sjmD7nNlrDFHRpo0qbVHdnxFO9R869pRN2j_WeEtiaTXltfp4X_tp_UIVnxKdTG1Zt_9kmQXCrE_oIN_tkgDiHoG6euSOhcxtL2ZiM7AbmqqYAMMQd4uFSyAD6I4oJ2Uxhlca_Tne9nnNbrKCsHyHX5GEsmjT-qQrS6tHW_ABHvPCcKaHznwEvq37IAz3XqaL2LLwsaOfmNDY5cZvnUMMZRMl-JbZn9Dihu3TSOxw4X-lkv9ZEkU3X6cmEGLgM5OajpK4454jdg58j5NY8tgNIMoYHE9h4OCWcRuNPNlH1rBVppPfcojoYJCve4X7ywXEIco4o7SuNoKAnTvJjRqM8b_zE2Rrbi_jt3s2kTMDx3uUGU0BDdq8R8xbvmelCg9O1tkhkLfxdBGASBeVQOO6mpgmsiV71MA_bP3BSNtezTfSopPiJMRSBn4TFS2_ulOHc4Rp8910YLdc9W-lG3r71DeFFZlUG-DKVGtz00_8lTHxGCY4yChTyT5umtPfq7CBS9K8pH5Fr1oh7CPBmD3r_ykuk_EaoJcIHjyYlMxxgXc7lwRDF0gK6tflOdnU9LQ-fT7kzCbFrENohCbizdnvW9B2osbgAPT0aH7gA3WT-NuxhEMU0OFCrUPTfz6u-aIy-BtNyMcZicWRgXgvDf_WHZ2vefj5BUUOcYq5zUtKynPIGyxEJqLt69rsNIzKqS4Y_D1AH6NeDL_T51R30bcusX49zp7_tn3doMxCRpIWBlMBjVHJMkjgoaOCxl-k2bYTIltjWPO9JviNEAiqod9oSg3jPLTbsK5GRljx2cwB2vujbvj9e2SdtioiMpTXPvoIdPpjp4mUyAbZysTuUsEMP5R7Y7L4Qs1_0-_-k0hRWomW70PwjMNHHeTSi16uoh4Ps2DRwhMZkjuAZrdTv4ChDHjf0UJSTmdI5UjbYq0vXF9cHHyDxdGR-jjTci8indwyRhCD88R5XcF3QEDn4iFho5YmQJNlsgQmmkZyDn8q74RA8OIsXn0FzDPanrvbl4RAos8QttHiRsf6w9GORESBLUvKuHiBWxUSZTSzgCY9fkq8XcTUaXju8QtPoer3tlt9dUBzCtctcVeomT4NfY_tIGPxsIqhTssdXktDeEl84YER7YY_kCsKuiC5Gjjr5k9owg&cid=CAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhot.tinnendoc.com%2F&ds=l&xdt=1&iif=1&cor=2453386933101531600&adk=1033480531&idt=172&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 23:19:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7290 41 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTU5NzQxMDIyMzA3MQogIHNlcnZlcl9pcDogMTgyNDU3MzYxCiAgcHJvY2Vzc19pZDogMjY1MDgyMjA5Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 7290 0
476 B 52ms
51ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTU5NzQxMDIyMzA3MQogIHNlcnZlcl9pcDogMTgyNDU3MzYxCiAgcHJvY2Vzc19pZDogMjY1MDgyMjA5Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTUzNjMyNjgzNTU5NTgxMjg4MzUKZGVidWdfa2V5OiA1OTUwNzQzODM2MjAwMjc4NDIyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wMyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMyNzY4MTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNTc2OTIyMzUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExMTE3OTk3NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjAzMTc3ODM1NjQKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0NjcwOTk5NTQKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZnIiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLnBsIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x2ffd0adc348721a90000000000000000","13":"0xc7a76f7d5fbf54290000000000000000","14":"0xb6197e3590f572b10000000000000000","15":"0xfdc2f21be65d0b6e0000000000000000"},"debug_key":"5950743836200278422","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"15363268355958128835"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 7290 43 KB
18 KB 117ms
81ms Script
application/javascript 65.21.20.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.21.20.220 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.220.20.21.65.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Sun, 03 Dec 2023 09:56:50 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Sun, 03 Dec 2023 12:56:50 GMT

GET
DATA 200
OK truncated
/ Frame 7290 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c60f119f941167d0d2a4f6ebf7dcc455b2e40f8e900e83f64f86703c0b821b07

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 87ED 15 KB
6 KB 123ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hot.tinnendoc.com&us_privacy=1---&gpp=&gpp_sid=-1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hot.tinnendoc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:50 GMT
server: Kestrel
server-processing-duration-in-ticks: 321004
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3814 38 KB
13 KB 15ms
15ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 04:08:03 GMT
expires: Mon, 02 Dec 2024 04:08:03 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E4F 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AC5C 0
0 57ms
56ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrPMG4VBsZZS2Eaak1PIPk82ouAjS4Nfgbo-ktpOTCsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yNzMwMjYzNDUxMzA4ODAxyAEJ4AIAqAMByAMCqgSYA0_QTcmX2TXK_dZo1B4aqZRas02T6DDS5_DtfWI0UzJxJgqnkwDnRwyXo7MqaV1Q6srNqG19k7tMJ_CKnbGZhzf_rziLbQRp1pW0ss-Db2A_cOOjXfbHuca7nwbK1ufBGnvbsafcUKXiWhrpsl3dZ1dV41pmxcg8eXMfn3bxBkBCIfKBwO79xx-4-Gaet3iYDX-fJrRd2BCqxBkmnwslU6epJuEywhrvJl3IJlNjsIPzmsE-pVEeJu3dWklQXyems9C0Xszr97YW-y7zN8oeNTiee3RThcS-nL0_mLr1St2QFW1fciMqQEZFWDkjlmuOG9FbY1lK3crvAVbPBb5-kq033oS2T5Sy0-1ee9Umi-hGcm7grfxCgbr_Ns7jzZtGJj-HVAUVEAwbpgDRMJRwY9PEFNvtghnJWZzTEAYtFw0AUC1YFfFHnJaGioO_vT3ae8Qu-9YUvYtQAxtlpemuP6fFLn6EuAs2m2Xm7TEiP1hncIKFiIaCqf_Lfkk7ZIKN0AdN4cMNf40_T7uH5uqTug1bHx65g2AVMOAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil0IOpgPOCA4AKA_oLAggBgAwB4g0TCIzKhKmA84IDFSYSVQgdkyYKh9AVAYAXAbIXHAoaEhRwdWItMjczMDI2MzQ1MTMwODgwMRj45HU&sigh=stqzN8X9o3Y&uach_m=%5BUACH%5D&cid=CAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB&cbvp=2&vis=1
Requested by: Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame AC5C 0
649 B 19ms
19ms Image
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang&e=wqT_3QKCCOgCBAAAAwDWAAUBCOGhsasGEI2r9-i1mKPoCRgAKjYJMqpXjMB48j8RdEEibJYB8j8ZAAAAgBSuD0AhdA0SACkRJMgxAAAAANej0D8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF47vEFgAEBigEDVVNEkgEBBvQhA5gBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACZuoCf2h0dHBzOi8vaG90LnRpbm5lbmRvYy5jb20vdHUtbmF5LXRyby1kaS1haS1kaS14ZS1raG9uZy1jaGluaC1jaHUtY2FuLW1hbmctdGhlby00LWxvYWktZ2lheS10by1uYXktbmV1LWtob25nLW11b24tY3NndC1waGF0LW5hbmeAAwCIAwGQAwCYAwmgAwGqA64DCskCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Y2Y2MDdiODUtMmFhMC00OWYxLWFhODYtODgxYjQ5ZjlmZjRjJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWNmNjA3Yjg1LTJhYTAtNDlmMS1hYTg2LTg4MWI0OWY5ZmY0YyZydHlwZT1udXJsJnRhZ0lkPTY5MzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmFxZV8zY19wMmZfemJvdnlyJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhI3MDcyMTk5MTIyMDU5MTU1MzMiCTM4MTg0NjcxNCoEYmluZzo0VTJWaGNtTm9RV1FqTnpJMk16WTNNall3T1RrMk56SWpOekkyTXpjeE5qSTRNelF5TmpRPcAD2ATIAwDYA93X4wHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXg1-yaq6_-2mXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWiIvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAABimTgBgHyBgIIAIAHAYgHAKAHAcgH7vEF0gcNCWF2AQEBJgjaBwYBXrAYAOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=7ddf75ac418c1af49e8048ecfeb5bb0668462942&pp=ZWxQ4QAEWxQIVRImAAomk5i_DA-elUbxQt11Gg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLVVt4VBsZZS2Eaak1PIPk82ouAjS4Nfgbo-ktpOTCsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yNzMwMjYzNDUxMzA4ODAxyAEJ4AIAqAMByAMCqgSbA0_QTcmX2TXK_dZo1B4aqZRas02T6DDS5_DtfWI0UzJxJgqnkwDnRwyXo7MqaV1Q6srNqG19k7tMJ_CKnbGZhzf_rziLbQRp1pW0ss-Db2A_cOOjXfbHuca7nwbK1ufBGnvbsafcUKXiWhrpsl3dZ1dV41pmxcg8eXMfn3bxBkBCIfKBwO79xx-4-Gaet3iYDX-fJrRd2BCqxBkmnwslU6epJuEywhrvJl3IJlNjsIPzmsE-pVEeJu3dWklQXyems9C0Xszr97YW-y7zN8oeNTiee3RThcS-nL0_mLr1St2QFW1fciMqQEZFWDkjlmuOG9FbY1lK3crvAVbPBb5-kq033oS2T5Sy0-1ee9Umi-hGcm7grfxCgbr_Ns7jzZtGJj-HVAUVEAwbpgDRMJRwY9PEFNvtghnJWZzTEAYtFw0AUC1YFfFHnJaGioO_vT3ae8Qu-9YUvYtQAxtlpemuP6fFLn6EuAs2m2Xm7TEiP1hncILHiqcQa1sxE93BEDcTiYP75eAH-4QRV2IlYLMXBo1xMwZ5AoJ4pGRiTOAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil0IOpgPOCA_oLAggBgAwB4g0TCIzKhKmA84IDFSYSVQgdkyYKh9AVAYAXAQ%26num%3D1%26sig%3DAOD64_32VfQUxEUDAZslJI13TaDLFvKu3Q%26client%3Dca-pub-2730263451308801%26adurl%3D&cbvp=2

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
an-x-request-uuid: 7d37105e-ce2e-4c9b-bb4e-2e285ad27567
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.136; 178.162.209.136; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 27ms
27ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.122053670281002

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IcX942F1XvuM2LRk_o2F9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-IcX942F1XvuM2LRk_o2F9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 29ms
29ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.896126966442502

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-DlE70aRZ2_lRmzy-OmGvOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-DlE70aRZ2_lRmzy-OmGvOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame A182 20 KB
7 KB 79ms
14ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA2) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:31 GMT
server: ECS (amb/6BA2)
age: 56
etag: "64e381eb-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Sun, 03 Dec 2023 10:06:50 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 903B 2 KB
1001 B 74ms
17ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 50
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Sun, 03 Dec 2023 09:56:50 GMT
etag: "64e382fe-744+gzip"
expires: Sun, 03 Dec 2023 10:06:50 GMT
last-modified: Mon, 21 Aug 2023 15:30:06 GMT
server: ECS (amb/6B83)
vary: Accept-Encoding
x-cache: HIT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E4F 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BR0bt4lBsZZL6CLqzjuwP1eKZmAsAAAAAOAHgBAI&bg=!CgmlCUbNAAY3kmNgF5I7ADQBe5WfOOnbav3Tp-0kKtBNaKwLV0glKqcWmDIpwDO2kInTIq5D-gvgMXqYPoBxz7YB9OVYAgAAADtSAAAAAWgBBwoAQcXSMmM3F4Po3RLT_v4a6P2pt6zaHwFsERRGY43jkeY8rmaAm8rvHLf5FQ-sd-8P1l5L4sXqvwaRifClzG0wHs2ZmQMBr81J71miM5SJbJw2Euzf56DwnPMHEm4H85B3x2-2xIaPMuSMH-mg6Kx4gDE4IUmQGM73fxCFhRf3WyBXvn6BqoHliWR22Xj4WEn8l6hKE7dLlRvhYMKOi6G9bpTwLmtYoP-f0sQ5IQl4n4_PSK_pKKKeVZcpahFHAEbVcyaOBY3FtFHNNGE9egP6Ish7VFN9tgF9dCZBzmrC__z-srhqPv0xKDeoxhc1e6EAoBJETVQ8K2P1sydN5qUPLouwX4yjCCJuqqh5xv_40RQHiB-yZugoKAHrBpID-vzjVcf9bhpJm3JlQJ3I5ix15NE7EaDO29RV0rsr6oZNL68z0oRBzyInOu1RTJgZfWP2KupGXFlmC4csdjyA9hwnvvHhZPZpXLU2yIWM2vmrRnHWhGkQTIEf5v3-BgCNtfU10JHt8soWGdlLvk6JCZLM_De-wta9Q6IOG7F0kktkArla6l6y9j_ruJBXZ60XVfvrsxKMQKKCRl-v_Kr4C7p91UiwHp77l51WZZmhqq6R22CCIWBJO1sH8Ra4orQmgbfHJ8AZveR9W8tYxDLRXgz3RyUUCD_ZlSX_yQ7lbrJZUEVX_Cdtk9QQ0JkrSt32YY3B48JWmO5OPUjkaRXuLddNXoHhJKyqYe0dGHKo351b5hEX2S6ZklIeuKkLWrGjSKOfe57s4KcLK7Ey8NNf2vdKBcZS1xJ-UpuvmeGfHpXXabfsVxuOCUfSXUZQ4A_xLvKJoU63LDc1L6dnpMTbPaoDMzw07_96EV2v9e06tEukpsM2H9jJE6WhAUax-qF79FxU_1lrMVOly4HvySdwqcC4QuouqyrPQozDNPNThnm8S6NX6oL_K3Hcbe7nOwcIfHigQJZ_DTec5n5X5Ie-aYo4-YdjiSXJGLJ5MklgNE3_Fda-2TiKDAVyBStprsROBUVBL5puW4PPNm1npPoNi8pXKowxB1vuOancQ6qZIn0sK5f6dVT048WYsZORBrr-bO40eazR-M5iLUqWVrK1vsEu1V2uWcA5dw

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 7290 20 KB
7 KB 75ms
13ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B95) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:31 GMT
server: ECS (amb/6B95)
age: 34
etag: "64e381eb-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Sun, 03 Dec 2023 10:06:50 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 119ms
49ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 09:56:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 8510 2 KB
1 KB 71ms
15ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 50
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Sun, 03 Dec 2023 09:56:50 GMT
etag: "64e382fe-744+gzip"
expires: Sun, 03 Dec 2023 10:06:50 GMT
last-modified: Mon, 21 Aug 2023 15:30:06 GMT
server: ECS (amb/6B83)
vary: Accept-Encoding
x-cache: HIT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3814 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

POST
H3 204 AGSKWxXKK6sJlYULqyJRGKR6QUuFzb_X_bjlYwR65zjJSIGrjcG4l5DBnY31sS4P2LuwIZol7y9Woj3LSjiOFCqe03Cl6glLSBTvvqUGVtHq1lZMTE_B39nuwXmIegrLPaxrRbG8zAI5bg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 63ms
35ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKK6sJlYULqyJRGKR6QUuFzb_X_bjlYwR65zjJSIGrjcG4l5DBnY31sS4P2LuwIZol7y9Woj3LSjiOFCqe03Cl6glLSBTvvqUGVtHq1lZMTE_B39nuwXmIegrLPaxrRbG8zAI5bg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--OMCukcF_Yj4xNpf91ucEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--OMCukcF_Yj4xNpf91ucEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://hot.tinnendoc.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 87ED
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=tinnendoc.com&sn=ChromeSyncframe&so=0&topUrl=hot.tinnendoc.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Vn65o3xpMXU2eFF4cDY5RVF1TVJtT1l5azYzMTI3azdmeWJhczkwS045R3MzV3Eya3Q5SmNraHF0NlhTZllUVTNwRGt5eFJ2ZUowSlF5Q3VDMURoRUx1NDlLLzVKN3FPMXE0d2sxMHdHZHhvVzFZQTVETkljSnlMQ1BOb0...

430 B
654 B

16ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Vn65o3xpMXU2eFF4cDY5RVF1TVJtT1l5azYzMTI3azdmeWJhczkwS045R3MzV3Eya3Q5SmNraHF0NlhTZllUVTNwRGt5eFJ2ZUowSlF5Q3VDMURoRUx1NDlLLzVKN3FPMXE0d2sxMHdHZHhvVzFZQTVETkljSnlMQ1BOb0MzemtZY0Z5UW9ya0JzZWxKUEJjazhPMlNjY0xoTUUrNStQNVZJRThTY0JreXViQlM3SWFzZHhNek45OEpMV3lnTStuZ0grcGFRa1k4WFFiVTQwVnVyZkQxbUpJNFNzSFBYZ3lRNElVM0xBM2hjRk0wRjVoVG1Hc1dlUFM4SXlZeWRaYkZOV1BYbDVIU3JiMlFBUlVLSTNTNWRZT05CUT09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cd2f0e5e49c78295ac0ef3c0c28516ea142463ccf98d60bbd9e7e0833a037bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1293612
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Vn65o3xpMXU2eFF4cDY5RVF1TVJtT1l5azYzMTI3azdmeWJhczkwS045R3MzV3Eya3Q5SmNraHF0NlhTZllUVTNwRGt5eFJ2ZUowSlF5Q3VDMURoRUx1NDlLLzVKN3FPMXE0d2sxMHdHZHhvVzFZQTVETkljSnlMQ1BOb0MzemtZY0Z5UW9ya0JzZWxKUEJjazhPMlNjY0xoTUUrNStQNVZJRThTY0JreXViQlM3SWFzZHhNek45OEpMV3lnTStuZ0grcGFRa1k4WFFiVTQwVnVyZkQxbUpJNFNzSFBYZ3lRNElVM0xBM2hjRk0wRjVoVG1Hc1dlUFM4SXlZeWRaYkZOV1BYbDVIU3JiMlFBUlVLSTNTNWRZT05CUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 262244
content-length: 0
expires: 0

GET
H2 200 tag236630 Show response
ads.revjet.com/ Frame 7290 256 KB
42 KB 58ms
58ms Script
text/javascript 65.21.20.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236630?_plc_id=111757016&_key=e8d&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVwPy4VBsZZW2Eaak1PIPk82ouAinxYC8dNLb3LP6EPDu_-uQAhABIJzO83tglfKLgpgHoAG5rJCLKcgBCakChxZyOYpCsj6oAwHIA5sEqgSpAk_Q9DwbHnr9JVtifMYQpRgv0srnaEPlX5C-c2ASJKLmvI3Z8Gf2Neot78ohjp76tcvbQWZwTPLhnIsj_lbmZDr7EAxI9zY_Mzpou1jPtsA_tBa7DGra7HgQMsQn3-pIi7ArTI6YfAiKNdhL9p_nrn6730VoVxFG_r9KXOAa2nhKkl779l5V68r2-gRZi22vynFIFeCmAJ1KyJWCCEnL6HtXhr4SUWnE8hn4p-7njv9a6H7tHYwysWJBoSNRs1eDjirJktNYaXMC_UpCvH-y_h-uAcleKLOvpihEScwxcznwYNQ2g_sZUfpSYHFCNzutC4m1YenGQcG4wEdHaPijluIfJZoxYa_bK6bkAlx7UUVMGtRUGO9lHF7r2kXyTnjS4Djcjv0_Y7rGHMAEnaeruaUE4AQDiAWMjKPYS5AGAaAGTYAHueTg6gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlil0IOpgPOCA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJEReINEwiNyoSpgPOCAxUmElUIHZMmCoewE4ii1xXYEw2IFAbYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB%26sig%3DAOD64_0vn0iNCFmSeRfoH_3WHc5SA7yelw%26client%3Dca-pub-2730263451308801%26dbm_c%3DAKAmf-C3q3INfV_gJ7gP_trxP2P7TZefqaWYNP8U_o9UmRGTSn1uv_K-tKGn_i1Uq5FYjPU-LBzxkL0iNPpknFdO9fLvimj9sn0hl6Z0feBcznI2B0e49z7jdooMl6xd6JG1UWPsI9I-SrHk5KrU9qpMOns4pTfkYx3NNtxBb6L0PXLfB_bbOLg%26cry%3D1%26dbm_d%3DAKAmf-DkAGJTZTjq8IwiX3tPicer8XzBAGbeISY4cn2RK13DKkzuTA-btKh_aGYMBkCqs6Ky3JXJagXM5oRlk67pb5sjR8tKNtj6p66hxCyIyBoU_oyRgUqptCILAUXJdg99Xp4mbJnYlXVoUIXg1AGWINkjsxEB_HlNDQW9xDPyDeygnPyiyR5wNBxxOIPx5glKEfH6zjMvNZRoaeeY3mXUGMhbyojfktdp6XqSi-2z97RD_cXg6KIzbSwo4Nh5HrL7nvLBw6rRMhRDHWDQtd-0wlVaihUqH52E1_tqJ4HqGHBc-u9N3UG2zLEc0_02kCJltLTBmZrERkOAbI8l6uZOO0aTk-9O4vhYJuUhRJbPP5S9_ujXHg-sjP0IKa_zrLNdFtzSyzXSyzz7c8WJFXU-Yu-V7jJK1F1tBDWK4644N7T1KOZKbtHo38YgXa0n8QNBl4DJrOU-NCGAtUzv9jJHYEerkvvxRgXY1vLMuvedUgjhIESA6atumpgoiF5l5qErtA2N1S4FPMiRYPf6lXuE8AY0tloEWCuhtAf6BB1EK1Z-rfxU3xM694UKRMKvI_ASk1poLunQUKjGEad2FFAOglqXx-ZXJ1eLlh4rYz6TQIUJMgXEQQ895tj4Pxx4XtyT3dvOB5E65OkK957_U6XkM26_pxJ9YpdppMdosLIZeOAPQLv61oDtcGIwCm80LmUrySgldGktiibKe-Qyd55to8J5N5QASeR913Pcv3v3pAJ-12kEkYNBYNcTZseE_2srKLDPlJ4TWLx8OWqACbDL3ChhMx0_NQ%26adurl%3D&dv360_cmp_id=20317783564&dv360_li_id=1013520331&dv360_crv_id=467099954&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fhot.tinnendoc.com%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=c68929bf95c97cbd1289_1701597410482&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fhot.tinnendoc.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1701597410486
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.21.20.220 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.220.20.21.65.clients.your-server.de
Software: nginx /
Resource Hash: 904c5ef336ffeafbdfa1793a67414236218bd6f5c422d9b795adf1a5ce6fa348

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip55618
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 tag236633 Show response
ads.revjet.com/ Frame A182 245 KB
40 KB 96ms
96ms Script
text/javascript 65.21.20.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236633?_plc_id=111757040&_key=054&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCid1Y4VBsZZK2Eaak1PIPk82ouAinxYC8dJrd3LP6EPDu_-uQAhABIJzO83tglfKLgpgHoAG5rJCLKcgBCakChxZyOYpCsj6oAwHIA5sEqgSlAk_Q8eseK3VfycVvrpA9gJtIgyXe6dk-9u9qL8VnnMVieNDhqTqDOEIam_9OpV-NAu1sbVtqqozlXeWwflOtHTG7VwY_gKs1JRsmrS42pY_RjSdiazdfr-g0LkDGU2gjdR9BXNzn1ZSYJV1vgEBS90XIOsPUK6a9NZEuqVlomuRKukiAfcYkqoruWJ0bhy84XoJPBrIcCStGq9XV2Vq7b3AC7L58lmTHdgp_8pn0CpC8sN-uYaojiFPH4NvE4s2NPFiID3-UAc34mwGyzDg1waACUhg4D9s6bwNNLWcgiJLPmK7V4_XdaZ9A_nOJ4RlDu2tT77jrlYi_1gjkChAEunOfRhkvkOrwF1rRZCehOMWZIv_hlvgT322CQb-ZU0NWfOkkQxD0wASdp6u5pQTgBAOIBYyMo9hLkAYBoAZNgAe55ODqA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WKXQg6mA84IDgAoDmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRF4g0TCIrKhKmA84IDFSYSVQgdkyYKh7ATiKLXFdgTDYgUBtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB%26sig%3DAOD64_0follGvtADWVCxc7ai6vYguAfDXw%26client%3Dca-pub-2730263451308801%26dbm_c%3DAKAmf-B5l61Z2gZ_A8joVWiMzEv80UsYDEV7HIBzkGQIV5c2ru0pHZRKB7Of9tENikQtA3Xo0Svwfcg0Sxh-N_cNi-2aJq2hJBaq2Q_9NCJlv9f0ERfbrXt_2WJ9AK-XgMXV8ORlqEyMHxMd2gDuzX1n47rvTEDUNjNURb8JX4F8ual3_Rlr0VQ%26cry%3D1%26dbm_d%3DAKAmf-CDXPstzXr_OchdY7R-5T8DXIfSh24OCqIFYOwgPutrSOIdFHp9yzk5gkVbIyt4E6I8KDP7pEQn8vx4zPlT5zoH3Fa3yT5ZYzXbI2TGFVZ3e2fasYtIPhrRUbngrRcG0SAb2_viZw7yevUX_uFcpDpBg5DRASIiXcMqfKMfxe09g19ODufUu97NqksfR7sUTPfk4NlcuYl5I70bw5IbleWG7-GbrF2KY5Ky4IbfrqrY2D4kvRMD4XLpeGVMJskY3wwcBPadD31HRdYE7GCK5vDS1QNQFrfBw2mE2vvb_0gWL7xXUZZVQBwOdtLfhJbr9c5tpSpQ3NJE1wbeb9xvoBhgHE2mU7yjjKiSAxjthQqF6j6hZ5d-UPinjCEpu_hf6BG8TrSPGQ5V3wXKwq55XRedpt2mZs165g6qsuQfokMOZVkSMlUZhq76EMAausYBQHKO1elaJKxmpG1vGGOeyZP2p68XSLKWgD2k4MoypLIXi1h3WvkwrH15bvScHD0b6X5hYfPPNgCirKoAHryrM4r9tG1JJERt0Kg3Y-qoB9W89EGkCtk1tkWB0d5pOV5QXjClzoAVmT5ls4JnToHd9oyEi8Gdcu00KhpudvZctYHSm_YeT38hJ6MqQaMUdmNkwFJ3emIurlYleqObVu0qOvStdZO0SRVZFvr5JmkZ2g9urN4ATFNNqG7YWIAw2QTo1D3UKW2GZvDBrnKqqTftHUBUuf5UqSJ1JRm_778rX9vpU0g3jFdC5OPxL3HK_g-nCkwAvJqRkEHeVtpA7gj5awJM0YtopQ%26adurl%3D&dv360_cmp_id=20317783564&dv360_li_id=1013520331&dv360_crv_id=467100053&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fhot.tinnendoc.com%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=c68929bf95c97cbd1289_1701597410482&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fhot.tinnendoc.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1701597410488
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.21.20.220 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.220.20.21.65.clients.your-server.de
Software: nginx /
Resource Hash: bb4ecd643ac5900e53fb47a1c289514d0978c294626d64ff551b9f1ea6cc928d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip55608
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3814 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bk5z54lBsZd_ODZGogAfRq4HwCQAAAAA4AeAEAg&bg=!oKOlo-zNAAY3kmNgF5I7ADQBe5WfOEHZLfKi6dInaEBii81Gdt4sRf3-5SmqEohqls_cHpVLukUZyG8kO5dhas4vO-bNAgAAADhSAAAAAWgBB5kDCy03PeYbHITprfCNv5oyXEaDjfOLbVaWRYUBzPs3tHW-xuscYSV99xG5LaCq8fOQamhVAJEygSllrpUyApS8KNc5x90rAMnFBPLJO_vD19lY9gz92IjIpvPOodCK6fD-C_jDtalwkJyCl_kEeYhCCDbiWDdbvYiPKJJ2Se-eK_AKU2O7N5f02REJFWCIZVwNRUNiPorPpvPCfmlgAj-sP0O0lJ1FLQwkw3O0y0z5-ArMO374JEXvv3C526K1jwr6SmT6JZflmNEvsCvRaBj4ZLYfSMwQi2A9KP7t83RTRC8nmC0nlD_1uGYNEVDPklI3NFe_Z2NkqKRZf4ekGIh5jynhP67sXk9r5ZHVpsB5y0O5ZV9Bin4ph2U5AoMYc0WT-ZwgPu3xONGAVugGeOxpVksCZkGaqefhhcdzEIjl1TrHvnxZtzlxMFAKN8Unan6bzpcIgeAdKPVGIEQB-0poEDe3GqbO211vYkwNjnGpzzy-FrNSvGrpWvH_QaAhhyHkiCUmW570oI588ZcqoL0zD4UQC25d02MNWszwnlnMJrGHBTQk6BLysb9edsMT4l0LBe49MDo9x9R6j7S1MHJJ5qoxDv8xfOU4562YZSv0EuN_j2LJIngxCESzeFdrhiDfAX1OjWdaCNfKWGj45EIO6m5fGRQcIDNHnYIPr9YZNBV_9RZXWpjMyAgkj59hZyf3Ewzgr_YB2atMbV6pwG5QM1q4e1mRTC0jop4lCLxkQ3AdnwiKfo3HhkNuGpjg6M0EHvxzgIpgFXy_HVwyAItitG0JRCNvRcVVlK2bKXN2os711_jmppxHNdAqSHFZgaDwWhI7eCxmRV1Oyq5Og211XXbhnJ6wmpC8oqnvvrjd_0czNBrLUIyDZQT0xnT6s1CLpru9G1FP76EfkZ2gVgS4REtBfnTxwJ4P1pdgcMC_LVOgj4-JJ1y2PdtX1LbkZkP87MH8NqePGEvxMPtBZkwzRoidGMumlKO7idr-YJgNaK_UOCzv_SqT2l5vW1i_XDNGKJU9ReWKVkzmoexf

Requested by

Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 37BF 167 KB
50 KB 64ms
20ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7F) /
Resource Hash: c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 14:15:27 GMT
server: ECS (amb/6B7F)
age: 35
etag: "64ecabff-29d9b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50474
expires: Sun, 03 Dec 2023 10:06:50 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 37BF 43 B
170 B 139ms
44ms Image
image/gif 65.21.233.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=6b4f3e3a0cd82e412acb5b5b02db1d79&__adt=8240604193468599783&__ade=1&vid=5100907138106782922
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.19 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 square.jpg
cdn.revjet.com/s3/csp/1680014892294/ Frame 37BF 866 KB
867 KB 14ms
14ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680014892294/square.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9D) /
Resource Hash: 0c95ec12dc6c2ab6093951c6b917ff6c896553f1ce59a5ed02baf1235baedc25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
x-amz-version-id: 3fPaQivslqxi3yIkxxJfWm_vcpkRhCV.
age: 40721
x-amz-request-id: 6SASZ5DKCPP8459W
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 886632
x-amz-id-2: xTwP/tx9BmGXlwWNVsUC83yq7OvkO6tNImm4J2okyYZpdBgrSAbt3RRmeymWLu55q2BWpUDl5Fo=
last-modified: Tue, 28 Mar 2023 14:48:27 GMT
server: ECS (amb/6B9D)
etag: "7edde919394f0ebd665a2aba0ea6ccbf"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 37BF 56 KB
15 KB 15ms
15ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBF) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (amb/6BBF)
age: 24
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Sun, 03 Dec 2023 10:06:50 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 37BF 632 B
662 B 37ms
36ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 39634
x-amz-request-id: MQ7WWXTC59QC29BK
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: IV+TOFivAHWfunAhceKBBMHvwVIsHI9b9LVhFpBXOaWcG2RfgtUMtCdTWOxEaOT71Jp9zp6H1SY=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6BBA)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 Logo-Wordmark-noShadow.svg
cdn.revjet.com/s3/csp/1679927261226/ Frame 37BF 7 KB
4 KB 37ms
36ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1679927261226/Logo-Wordmark-noShadow.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: 27c91b042b50c145ccbe32c722d890e2e13b662302c269e1c990591348d98875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-amz-version-id: _LI8vXFq5W37Tvc9LZcnQweHjqGcRfe8
age: 2465
x-amz-request-id: 9VER1SK9D0BCK17C
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3634
x-amz-id-2: Mk7kaT0f90Bdzv+ZxX4yb+RQhvv3D/FswRrzWkyNEoPBGPbdbBrLn7pCfueMrSBlSvGLRr4gmAg=
last-modified: Mon, 27 Mar 2023 14:27:43 GMT
server: ECS (amb/6B83)
etag: "66704ffec01c0a05020997e7776a8b76+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame 37BF 7 KB
4 KB 37ms
37ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 40722
x-amz-request-id: 42Q7WDZPCB8HJ1AC
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: aop1nV+xiYSqF4HKZy49wNLf2dDQacSDTCZdvE/qg6g4V4w4UlepV/huJT37dI5dNRIzwTBneoY=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (amb/6B72)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2

200

B29255022.357498595;dc_pre=CNyF1amA84IDFRnHdwodv0gPYQ;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701597410519
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 37BF
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17015974...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=CNyF1amA84IDFRnHdwodv0gPYQ;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_chil...

42 B
118 B

44ms
43ms

Image
image/gif

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=CNyF1amA84IDFRnHdwodv0gPYQ;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701597410519

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=CNyF1amA84IDFRnHdwodv0gPYQ;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701597410519
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame EBB8 167 KB
49 KB 41ms
40ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA1) /
Resource Hash: c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 14:15:13 GMT
server: ECS (amb/6BA1)
age: 40
etag: "64ecabf1-29d9b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50474
expires: Sun, 03 Dec 2023 10:06:50 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame EBB8 43 B
169 B 94ms
45ms Image
image/gif 65.21.233.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=e5299d61d609764df9ed0dbf2fafb4db&__adt=8240602643894126099&__ade=1&vid=5100819177176560841
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.19 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame EBB8 33 KB
33 KB 29ms
29ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAC) /
Resource Hash: 3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 39634
x-amz-request-id: 8G9AEDFYBN1F3PZG
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: oARnOJsUj2tJaRxyZelDDqKlBx0EPom8zBfbNdtadQV4+kBAiFffpneadBudBR6Ke9KdJgfjRz0=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (amb/6BAC)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame EBB8 56 KB
15 KB 29ms
29ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9B) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:32:04 GMT
server: ECS (amb/6B9B)
age: 47
etag: "6283ce04-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Sun, 03 Dec 2023 10:06:50 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame EBB8 3 KB
2 KB 30ms
29ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B89) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 13868
x-amz-request-id: FYBRY5H4YXW9N0C5
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: 3UBlupUuJTlOnCd1abY1HX39+PP1+aw0I3r3vVHb5oXgcvWnrb+rjwmZzT/PoRJoZHtO1iB3jKE=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6B89)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame EBB8 632 B
506 B 30ms
29ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 39634
x-amz-request-id: MQ7WWXTC59QC29BK
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: IV+TOFivAHWfunAhceKBBMHvwVIsHI9b9LVhFpBXOaWcG2RfgtUMtCdTWOxEaOT71Jp9zp6H1SY=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6BBA)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame EBB8 7 KB
4 KB 30ms
29ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 40722
x-amz-request-id: 42Q7WDZPCB8HJ1AC
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: aop1nV+xiYSqF4HKZy49wNLf2dDQacSDTCZdvE/qg6g4V4w4UlepV/huJT37dI5dNRIzwTBneoY=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (amb/6B72)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H3

200

B29255022.357506031;dc_pre=CISM2KmA84IDFYif_Qcd20wD7w;dc_trk_aid=548515270;dc_trk_cid=185781921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701597410520
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame EBB8
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506031;dc_trk_aid=548515270;dc_trk_cid=185781921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17015974...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506031;dc_pre=CISM2KmA84IDFYif_Qcd20wD7w;dc_trk_aid=548515270;dc_trk_cid=185781921;dc_lat=;dc_rdid=;tag_for_chil...

42 B
63 B

36ms
36ms

Image
image/gif

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506031;dc_pre=CISM2KmA84IDFYif_Qcd20wD7w;dc_trk_aid=548515270;dc_trk_cid=185781921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701597410520

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506031;dc_pre=CISM2KmA84IDFYif_Qcd20wD7w;dc_trk_aid=548515270;dc_trk_cid=185781921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701597410520
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame 37BF 33 KB
33 KB 49ms
49ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (amb/6BB1)
age: 53
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Sun, 03 Dec 2023 10:06:50 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame 37BF 13 KB
13 KB 49ms
49ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B88) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 57916
x-amz-request-id: CXMA5QY2S6T4JWBR
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: mJ0LkRNhlvSpLgSRllrbTK+wSZacQwgoL54/XY0bz6vbDA7z8wv+1abrmU1IuR523x9roDMz9hM=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (amb/6B88)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 37BF 286 B
458 B 26ms
25ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9E) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 40721
x-amz-request-id: 6SAHD0M6872ZC19W
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: Y8htVGUFGhRzFhDAv0thiugFmw9r1eSMQcZ7i0zFuV+DFilI01brLvKdl1aZY+Vbs9YYYSw/qxM=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (amb/6B9E)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame 37BF 470 KB
470 KB 51ms
51ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 64918
x-amz-request-id: 4NNPBJEWX9RC183G
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: oyaEy6ObkTbCtN8PELHGUOoUlY5okE433L4t/HsA0hsSf3d2MxZ29rYsh9VfQKW0ZzTxrJtEbx8=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (amb/6BB1)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame EBB8 470 KB
470 KB 40ms
40ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 64918
x-amz-request-id: 4NNPBJEWX9RC183G
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: oyaEy6ObkTbCtN8PELHGUOoUlY5okE433L4t/HsA0hsSf3d2MxZ29rYsh9VfQKW0ZzTxrJtEbx8=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (amb/6BB1)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame EBB8 33 KB
33 KB 27ms
26ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (amb/6BB1)
age: 53
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Sun, 03 Dec 2023 10:06:50 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame EBB8 13 KB
13 KB 26ms
26ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B88) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Origin: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 57916
x-amz-request-id: CXMA5QY2S6T4JWBR
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: mJ0LkRNhlvSpLgSRllrbTK+wSZacQwgoL54/XY0bz6vbDA7z8wv+1abrmU1IuR523x9roDMz9hM=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (amb/6B88)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame EBB8 286 B
316 B 16ms
15ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9E) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 40721
x-amz-request-id: 6SAHD0M6872ZC19W
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: Y8htVGUFGhRzFhDAv0thiugFmw9r1eSMQcZ7i0zFuV+DFilI01brLvKdl1aZY+Vbs9YYYSw/qxM=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (amb/6B9E)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WZV2WB4N45

Requested by

Host: hot.tinnendoc.com
URL: https://hot.tinnendoc.com/wp-content/cache/min/1/ubplayer/player.js?ver=1700834389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ced9db9e35973303bc4762de4171a6f879a47eeadaca124a6782f2e6d033bfd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 09:56:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WZV2WB4N45&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V17JF385GG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98f0e603240d784d9646b0d0b5c72a972c840c60ba8528e702950e0e06d48052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89854
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 09:56:50 GMT

GET
H2 200 284758893_uc
cdn.revjet.com/s3/csp/1700555681907/ Frame 37BF 259 KB
259 KB 17ms
15ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1700555681907/284758893_uc
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B79) /
Resource Hash: ba7e24a83ac9eef96e255963d8d70ba51a24318f4343d2707a0917480e220cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
x-amz-version-id: 4WqcDPpTPDc47oKwfkPdph2afCuh0WO7
age: 39233
x-amz-request-id: DQFV1Z7JBZ7J1VBQ
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 264741
x-amz-id-2: uMgVvgZ4nUqqwRjrP8QRgc6qujDMTqrqmdN6/I5uoLnAjtw5+UglXBTf2C+KejeXMev3LhTcwd4=
last-modified: Tue, 21 Nov 2023 08:34:42 GMT
server: ECS (amb/6B79)
etag: "a94fe06d61b89cc48b6dc475f8543bd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
BLOB 206
Partial Content de593a42-2893-4db8-bd3c-d546539b4557
https://hot.tinnendoc.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/de593a42-2893-4db8-bd3c-d546539b4557
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content a20ae722-f265-4cd0-98cb-8453186a0a55
https://hot.tinnendoc.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/a20ae722-f265-4cd0-98cb-8453186a0a55
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 1000
pix.revjet.com/interaction/ Frame EBB8 43 B
169 B 40ms
40ms Image
image/gif 65.21.233.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=e5299d61d609764df9ed0dbf2fafb4db&__adt=8240602643894126099&__ade=1&vid=5100819177176560841&__clstampdif=119&__stamp=1701597410712
Requested by: Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.19 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1381978762_uc
cdn.revjet.com/s3/csp/1700555558616/ Frame EBB8 331 KB
331 KB 16ms
16ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1700555558616/1381978762_uc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA1) /
Resource Hash: c54d5a813b649a6d395c5e07cfd243ca144511f66249049bde0df2f527bf8ad5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
x-amz-version-id: KyYQ17CJ9L.NfwhxozEW9xx.hngSqCQC
age: 38330
x-amz-request-id: HNBTB9YKM5H0FNNZ
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 338543
x-amz-id-2: 4+zuE91y7CLSgXs84dQF6bIWqBjx1mfEdm6UGYj+UHgawvbVaORKsEmURuwCbf4jA/pbNG49JA8=
last-modified: Tue, 21 Nov 2023 08:32:40 GMT
server: ECS (amb/6BA1)
etag: "7457ca356f982f19d16ad870b1c122b0"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:50 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 37BF 43 B
276 B 46ms
46ms Image
image/gif 65.21.233.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=6b4f3e3a0cd82e412acb5b5b02db1d79&__adt=8240604193468599783&__ade=1&vid=5100907138106782922&__clstampdif=179&__stamp=1701597410733
Requested by: Host: 85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
URL: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.19 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 2 KB
1 KB 25ms
25ms Image
image/svg+xml 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
cdn-edgestorageid: 1048
cdn-storageserver: DE-676
cdn-cachedat: 10/31/2023 18:58:34
cdn-pullzone: 873945
last-modified: Thu, 17 Aug 2023 06:20:20 GMT
server: BunnyCDN-DE1-1076
cdn-fileserver: 655
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=2592000
cdn-requestid: bebbe6cebd0d54bc5af010808d6d5e9a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 1 KB
1 KB 66ms
19ms Image
image/svg+xml 2400:52e0:1e00::1049:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1049 /
Resource Hash: 98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.unibotscdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
cdn-edgestorageid: 1047
cdn-storageserver: DE-676
cdn-cachedat: 10/31/2023 18:58:25
cdn-pullzone: 483488
last-modified: Thu, 01 Dec 2022 03:57:52 GMT
server: BunnyCDN-DE1-1049
cdn-fileserver: 135
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 30ab30eb5cad7148dad1148e1153763a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bridge3.605.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AE38 752 KB
241 KB 20ms
19ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 166102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246766
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 11:48:28 GMT
expires: Sat, 30 Nov 2024 11:48:28 GMT
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 09:56:50 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 171D 40 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 03 Dec 2023 10:35:06 GMT

GET
H2 200 playlist.m3u8 Show response
stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/ 171 B
836 B 83ms
21ms XHR
application/vnd.apple.mpegurl 2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/playlist.m3u8
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: 09db039251766d76dd3ec8b446813be70778c66e060c306b63ceb96aa200b4af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
cdn-edgestorageid: 1048
cdn-storageserver: DE-165
cdn-cachedat: 12/03/2023 09:16:23
cdn-pullzone: 829957
last-modified: Mon, 25 Sep 2023 07:11:46 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 339
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: d9ab00600979449b2ce3949b278ca97d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
BLOB 200
OK 9b117934-1e13-48ec-aa5a-869eaa600147
https://hot.tinnendoc.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/9b117934-1e13-48ec-aa5a-869eaa600147
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 4896
Content-Type: application/javascript

GET
BLOB 200
OK 5f3e5a43-1a6b-45e7-87b1-da66dc384070
https://hot.tinnendoc.com/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/5f3e5a43-1a6b-45e7-87b1-da66dc384070
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
BLOB 200
OK f4563251-f488-4690-ad85-94416bb1c18b
https://hot.tinnendoc.com/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hot.tinnendoc.com/f4563251-f488-4690-ad85-94416bb1c18b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 17ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WZV2WB4N45&gtm=45je3bt0v897699731&_p=1701597408751&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1950371521.1701597409&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701597410&sct=1&seg=0&dl=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&dt=T%E1%BB%AB%20nay%20tr%E1%BB%9F%20%C4%91i%3A%20Ai%20%C4%91i%20xe%20kh%C3%B4ng%20ch%C3%ADnh%20ch%E1%BB%A7%20c%E1%BA%A7n%20mang%20theo%204%20lo%E1%BA%A1i%20gi%E1%BA%A5y%20t%E1%BB%9D%20n%C3%A0y%2C%20n%E1%BA%BFu%20kh%C3%B4ng%20mu%E1%BB%91n%20CSGT%20ph%E1%BA%A1t%20n%E1%BA%B7ng&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5851
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WZV2WB4N45
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hot.tinnendoc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://hot.tinnendoc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 video.m3u8 Show response
stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/ 5 KB
1 KB 25ms
25ms XHR
application/vnd.apple.mpegurl 2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/video.m3u8
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: 1c3af2614aabee6cf955284128535ee8569df0d5553045277e0d69a3a48bf380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
content-encoding: gzip
cdn-edgestorageid: 1076
cdn-storageserver: DE-383
cdn-cachedat: 10/31/2023 19:00:07
cdn-pullzone: 829957
last-modified: Mon, 25 Sep 2023 07:11:03 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 633
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: cc82c11e6c40fda70360846bead11a99
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame AE38 52 KB
10 KB 341ms
274ms XHR
text/xml 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22849695847%2Ftinnendoc_com_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=2601257590717458&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&vad_type=linear&plcmt=2&description_url=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gpp_sid=-1&sdki=445&ptt=20&adk=1013349549&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=67F5826B-EF51-4321-BEE2-E2BEB2C36B06&a3p=EhkKCnB1YmNpZC5vcmcYgeDv-MIxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLXf7_jCMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTRkJoZERrMVRrRlJhV1ZHY210RlYwdHNVVkZsUVQwOUluMD0YieLv-MIxSAASGQoKdWlkYXBpLmNvbRi03-_4wjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKfg7_jCMUgAUgIIag..&nel=0&eid=44772139%2C44773379%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804616%2C44808024&url=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&dt=1701597410901&cookie=ID%3D49ce9c27e6f56d4f%3AT%3D1701597409%3ART%3D1701597409%3AS%3DALNI_MbF8SJ6WfykXZvccO9BMq6QfUKx3A&gpic=UID%3D00000d01cfbfb0ac%3AT%3D1701597409%3ART%3D1701597409%3AS%3DALNI_MaZeruJYNtFmHArEln1OOJc_JuCkA&scor=1230192033509074&ged=ve4_td5_tt0_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e73b1d66dd6bdcb40a2e11b2617a75598bda3dfbf918b42fbb5d7ce02672c820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9224
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video0.ts Show response
stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/ 309 KB
310 KB 30ms
30ms XHR
video/mp2t 2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/video0.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: b2600df86ae30fded7c5a85f4a41baee7be58a184a5fd17c946de5fda61b725c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:50 GMT
cdn-edgestorageid: 722
cdn-storageserver: DE-661
cdn-cachedat: 09/25/2023 07:17:03
cdn-pullzone: 829957
content-length: 316216
last-modified: Mon, 25 Sep 2023 07:11:03 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 639
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 0eefc1197282b8ca647924ffc2a530d7
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video1.ts Show response
stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/ 294 KB
295 KB 20ms
20ms XHR
video/mp2t 2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/video1.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: c265932af732894ea2ecb93a59857589a48826c537bfb2d222679c3c573a267d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
cdn-edgestorageid: 1047
cdn-storageserver: DE-661
cdn-cachedat: 12/02/2023 15:07:45
cdn-pullzone: 829957
content-length: 301364
last-modified: Mon, 25 Sep 2023 07:11:02 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 651
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 3dbbbacf9c592cf8031834c66c1fb97a
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 showban.asp Show response
fundingchoicesmessages.google.com/f/AGSKWxVZBSdvZe8ccEqvzIns3qPNXu3HyW_wwS0gdaXF1ODysxEYKz_fZf_U3KRHLz1MOUMxd3nom55pLuaIzNXR2_lPyTizwlQyTu8PMhc9Ji_knB9NYfmkypKxP_ab9yYLTfbPnG2u4c6XZ8rcd5kdTDFWEy--9... 54 B
109 B 30ms
29ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVZBSdvZe8ccEqvzIns3qPNXu3HyW_wwS0gdaXF1ODysxEYKz_fZf_U3KRHLz1MOUMxd3nom55pLuaIzNXR2_lPyTizwlQyTu8PMhc9Ji_knB9NYfmkypKxP_ab9yYLTfbPnG2u4c6XZ8rcd5kdTDFWEy--9kKEJNUxr3NU_4p9tp-IY7foFafNM8BM/_-728x90px2._longad_/showban.asp?/parking_caf_/webapp/ads-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FaYPuRweqII.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwlLW_mylTS11_htG8IL16Oj6Xnrw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42dd582f38f02c692321f9bbf999f14fe571131db327c94ba2677e1c79c2e4b7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IJSpK7P_nFchKErG1eeurA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IJSpK7P_nFchKErG1eeurA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 84 KB
30 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a0cfeb3ca8a8574d1b96bb634739f2d33525dea2cfa52a958b685bdb597c594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30708
x-xss-protection: 0
server: cafe
etag: 11528220969406544827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 10:37:45 GMT

POST
H3 204 AGSKWxXKK6sJlYULqyJRGKR6QUuFzb_X_bjlYwR65zjJSIGrjcG4l5DBnY31sS4P2LuwIZol7y9Woj3LSjiOFCqe03Cl6glLSBTvvqUGVtHq1lZMTE_B39nuwXmIegrLPaxrRbG8zAI5bg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
37ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKK6sJlYULqyJRGKR6QUuFzb_X_bjlYwR65zjJSIGrjcG4l5DBnY31sS4P2LuwIZol7y9Woj3LSjiOFCqe03Cl6glLSBTvvqUGVtHq1lZMTE_B39nuwXmIegrLPaxrRbG8zAI5bg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0nB9Z9huJkf4Neu8xFVSHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-0nB9Z9huJkf4Neu8xFVSHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://hot.tinnendoc.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video2.ts Show response
stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/ 311 KB
312 KB 22ms
21ms XHR
video/mp2t 2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/video2.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: 2c3d87543a457235cb5521ba4492f8283257d0b6f9794132b3773dd76858a299

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
cdn-edgestorageid: 1075
cdn-storageserver: DE-588
cdn-cachedat: 09/25/2023 07:17:06
cdn-pullzone: 829957
content-length: 318472
last-modified: Mon, 25 Sep 2023 07:11:01 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 571
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 606b4a855912e13e65badddb14086d07
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H3 204 AGSKWxXKK6sJlYULqyJRGKR6QUuFzb_X_bjlYwR65zjJSIGrjcG4l5DBnY31sS4P2LuwIZol7y9Woj3LSjiOFCqe03Cl6glLSBTvvqUGVtHq1lZMTE_B39nuwXmIegrLPaxrRbG8zAI5bg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 40ms
39ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKK6sJlYULqyJRGKR6QUuFzb_X_bjlYwR65zjJSIGrjcG4l5DBnY31sS4P2LuwIZol7y9Woj3LSjiOFCqe03Cl6glLSBTvvqUGVtHq1lZMTE_B39nuwXmIegrLPaxrRbG8zAI5bg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ASOzGH-aw5Ukh5zhomwS2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ASOzGH-aw5Ukh5zhomwS2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hot.tinnendoc.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXKK6sJlYULqyJRGKR6QUuFzb_X_bjlYwR65zjJSIGrjcG4l5DBnY31sS4P2LuwIZol7y9Woj3LSjiOFCqe03Cl6glLSBTvvqUGVtHq1lZMTE_B39nuwXmIegrLPaxrRbG8zAI5bg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 36ms
36ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKK6sJlYULqyJRGKR6QUuFzb_X_bjlYwR65zjJSIGrjcG4l5DBnY31sS4P2LuwIZol7y9Woj3LSjiOFCqe03Cl6glLSBTvvqUGVtHq1lZMTE_B39nuwXmIegrLPaxrRbG8zAI5bg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7iEPpzABkUYk2cp72aapaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-7iEPpzABkUYk2cp72aapaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hot.tinnendoc.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXKK6sJlYULqyJRGKR6QUuFzb_X_bjlYwR65zjJSIGrjcG4l5DBnY31sS4P2LuwIZol7y9Woj3LSjiOFCqe03Cl6glLSBTvvqUGVtHq1lZMTE_B39nuwXmIegrLPaxrRbG8zAI5bg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 48ms
48ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKK6sJlYULqyJRGKR6QUuFzb_X_bjlYwR65zjJSIGrjcG4l5DBnY31sS4P2LuwIZol7y9Woj3LSjiOFCqe03Cl6glLSBTvvqUGVtHq1lZMTE_B39nuwXmIegrLPaxrRbG8zAI5bg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QyJq2g6RHXHuab4Mi8mDVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QyJq2g6RHXHuab4Mi8mDVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hot.tinnendoc.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWHNUJ1pZEhHxEP-K324az8DXT3mfvvQZfQP2s92ZYxfk5HXFCX37niZRXYpAfLqItPGMMnwOV2DdAfAUc8WTws7_MI4tzKNjOyY9JKRN9pDTN1NUrexi0cn7iHdEt5EpK8aU5keA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWHNUJ1pZEhHxEP-K324az8DXT3mfvvQZfQP2s92ZYxfk5HXFCX37niZRXYpAfLqItPGMMnwOV2DdAfAUc8WTws7_MI4tzKNjOyY9JKRN9pDTN1NUrexi0cn7iHdEt5EpK8aU5keA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNTk3NDExLDEwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaG90LnRpbm5lbmRvYy5jb20vdHUtbmF5LXRyby1kaS1haS1kaS14ZS1raG9uZy1jaGluaC1jaHUtY2FuLW1hbmctdGhlby00LWxvYWktZ2lheS10by1uYXktbmV1LWtob25nLW11b24tY3NndC1waGF0LW5hbmcvIixudWxsLFtbOCwiRmFZUHVSd2VxSUkiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb7ef089f6084f34c7622e97e4c8ced7c863c369894390a98cd44fc66d09ea39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r-uBuEYGvRuQhcPuJqeAQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-r-uBuEYGvRuQhcPuJqeAQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video3.ts Show response
stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/ 249 KB
250 KB 23ms
23ms XHR
video/mp2t 2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/video3.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: c32ba0de551a8f36a7b998107080cc435cbd3b31b6c5952bb502c68435bf2584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
cdn-edgestorageid: 755
cdn-storageserver: DE-680
cdn-cachedat: 09/25/2023 07:17:07
cdn-pullzone: 829957
content-length: 254928
last-modified: Mon, 25 Sep 2023 07:11:03 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 650
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 0421b3fd7e9f3bfbdcc3973d54c98d7d
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 206 0002NF306GH_high_1700467547.mp4
cdn.revjet.com/s3/csp/1700697647055/ Frame 37BF 64 KB
0 15ms
14ms Media
video/mp4 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1700697647055/0002NF306GH_high_1700467547.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B93) /
Resource Hash

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
x-amz-version-id: vGabD5tWvPVUQGuDKefeMAVGFTAoz5zD
age: 38609
x-amz-request-id: ZHD5HF3SW0D7X14S
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-449658/449659
x-amz-replication-status: COMPLETED
Content-Length: 449659
x-amz-id-2: LiWS51YgOuP8pZGA4+O5s0M3yYw0IzOuXCjYY6o5cYE73788JMleQo0NgtgEK8+JmkO9WFpxWDA=
last-modified: Thu, 23 Nov 2023 00:00:48 GMT
server: ECS (amb/6B93)
etag: "f8133b81251b8ebe23606a3d963ab5e9"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:51 GMT

GET
H2 206 0002NF306GH_high_1700467547.mp4
cdn.revjet.com/s3/csp/1700697647055/ Frame 37BF 0
0 27ms
27ms Media
video/mp4 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1700697647055/0002NF306GH_high_1700467547.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B93) /
Resource Hash

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
x-amz-version-id: vGabD5tWvPVUQGuDKefeMAVGFTAoz5zD
age: 38609
x-amz-request-id: ZHD5HF3SW0D7X14S
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-449658/449659
x-amz-replication-status: COMPLETED
Content-Length: 449659
x-amz-id-2: LiWS51YgOuP8pZGA4+O5s0M3yYw0IzOuXCjYY6o5cYE73788JMleQo0NgtgEK8+JmkO9WFpxWDA=
last-modified: Thu, 23 Nov 2023 00:00:48 GMT
server: ECS (amb/6B93)
etag: "f8133b81251b8ebe23606a3d963ab5e9"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:51 GMT

GET
H2 206 0002NF306GH_high_1700467547.mp4
cdn.revjet.com/s3/csp/1700697647055/ Frame 37BF 0
0 32ms
31ms Media
video/mp4 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1700697647055/0002NF306GH_high_1700467547.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B93) /
Resource Hash

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
x-amz-version-id: vGabD5tWvPVUQGuDKefeMAVGFTAoz5zD
age: 38609
x-amz-request-id: ZHD5HF3SW0D7X14S
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-449658/449659
x-amz-replication-status: COMPLETED
Content-Length: 449659
x-amz-id-2: LiWS51YgOuP8pZGA4+O5s0M3yYw0IzOuXCjYY6o5cYE73788JMleQo0NgtgEK8+JmkO9WFpxWDA=
last-modified: Thu, 23 Nov 2023 00:00:48 GMT
server: ECS (amb/6B93)
etag: "f8133b81251b8ebe23606a3d963ab5e9"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:51 GMT

GET
H2 206 0002NF306GH_high_1700467547.mp4
cdn.revjet.com/s3/csp/1700697647055/ Frame 37BF 23 KB
23 KB 53ms
52ms Media
video/mp4 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1700697647055/0002NF306GH_high_1700467547.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B93) /
Resource Hash: 4b40669700f9b79a0b8a6d5977455a91e6a114af9fe17c532db209d0e3d5008c

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=425984-

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
x-amz-version-id: vGabD5tWvPVUQGuDKefeMAVGFTAoz5zD
age: 38609
x-amz-request-id: ZHD5HF3SW0D7X14S
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 425984-449658/449659
x-amz-replication-status: COMPLETED
Content-Length: 23675
x-amz-id-2: LiWS51YgOuP8pZGA4+O5s0M3yYw0IzOuXCjYY6o5cYE73788JMleQo0NgtgEK8+JmkO9WFpxWDA=
last-modified: Thu, 23 Nov 2023 00:00:48 GMT
server: ECS (amb/6B93)
etag: "f8133b81251b8ebe23606a3d963ab5e9"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:51 GMT

GET
H2 200 2dea64dd55034a6fa7ddc6c3d74a5be3.jpg
img01.ztat.net/article/spp-media-p1/338e73a9abac4af3a3c92b960f5ab727/ Frame 37BF 8 KB
9 KB 220ms
64ms Image
image/webp 2600:9000:26db:f800:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/338e73a9abac4af3a3c92b960f5ab727/2dea64dd55034a6fa7ddc6c3d74a5be3.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:f800:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc34f53558defa10110e7223345a1e2194cfbbf7fc818393801ba7118676194d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:01:11 GMT
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
age: 471341
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8618
x-amz-expiration: expiry-date="Mon, 04 Mar 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Fri, 24 Nov 2023 14:28:26 GMT
server: AmazonS3
etag: "18f0f34a1a7c11f1a9e52ddd2046b265"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: n9nRyJa4O5xWgjHEBhDUcuiaTTT20iYXdV0kvrItORqoypkZXiwFdA==

GET
H2 200 3ac622e8bafa4afab0e7cdc7de1b7cca.jpg
img01.ztat.net/article/spp-media-p1/f74d73c0cc80430bac02a942a7ac4b0b/ Frame 37BF 9 KB
10 KB 228ms
72ms Image
image/webp 2600:9000:26db:f800:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/f74d73c0cc80430bac02a942a7ac4b0b/3ac622e8bafa4afab0e7cdc7de1b7cca.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:f800:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: deb50842709a38b667580a304bf6ed8671a9cf96f783c47320964b20930cef6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:01:11 GMT
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
age: 471341
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 9318
x-amz-expiration: expiry-date="Sat, 03 Feb 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Wed, 25 Oct 2023 20:59:06 GMT
server: AmazonS3
etag: "efced7633d492b9d5c1e20e51c86e655"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: vslBhAB9_o9O6_p4_8rxOdupWArFfRpg6w2ak-IRjJZotL5mAJeIcg==

GET
H2 200 84df77b8752948c284a096302cec2616.jpg
img01.ztat.net/article/spp-media-p1/0a4f4c3cc7e6417299bb4a8e76b57ef4/ Frame 37BF 7 KB
7 KB 234ms
77ms Image
image/webp 2600:9000:26db:f800:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/0a4f4c3cc7e6417299bb4a8e76b57ef4/84df77b8752948c284a096302cec2616.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:f800:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fffb77ef84f502854a497700b265ddf8ad08798a445a43de3185e61d74fdb98f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:01:09 GMT
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
age: 471343
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7060
x-amz-expiration: expiry-date="Sun, 03 Mar 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Thu, 23 Nov 2023 12:15:43 GMT
server: AmazonS3
etag: "e12ad7e4752c24c286bcb2cbd1ed71f6"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: QbjrYgWku-ccYw8oC4aDl2d8IMf3bqr3RdkSQStJdl_8qBTBL6jAvw==

GET 0002NF306GH_high_1700467547.mp4
cdn.revjet.com/s3/csp/1700697647055/ Frame 37BF 0
0

POST
H3 204 AGSKWxXMWP254fR5oa569QN3_XtKWGjMZyczYyX0gUi3C6w-w9zgg80vMOB2c1bPpOj2FNxX9IU3aVwD1Mg3HtnO2x5r0lPdyA52CeP8Pua_CcKrnBKNH0_vHpXVcg2QZI0vt1clNLDxDg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 39ms
39ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXMWP254fR5oa569QN3_XtKWGjMZyczYyX0gUi3C6w-w9zgg80vMOB2c1bPpOj2FNxX9IU3aVwD1Mg3HtnO2x5r0lPdyA52CeP8Pua_CcKrnBKNH0_vHpXVcg2QZI0vt1clNLDxDg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ii2Xebz0A9hT1mlvRlCZSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ii2Xebz0A9hT1mlvRlCZSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://hot.tinnendoc.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 206 0002NF306GH_high_1700467547.mp4
cdn.revjet.com/s3/csp/1700697647055/ Frame 37BF 375 KB
375 KB 14ms
14ms Media
video/mp4 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1700697647055/0002NF306GH_high_1700467547.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B93) /
Resource Hash: 3b2db07955031fde097f90106d743765e0a37de575ded96a2bd609f9dfb3d29a

Request headers

Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=65536-

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
x-amz-version-id: vGabD5tWvPVUQGuDKefeMAVGFTAoz5zD
age: 38609
x-amz-request-id: ZHD5HF3SW0D7X14S
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 65536-449658/449659
x-amz-replication-status: COMPLETED
Content-Length: 384123
x-amz-id-2: LiWS51YgOuP8pZGA4+O5s0M3yYw0IzOuXCjYY6o5cYE73788JMleQo0NgtgEK8+JmkO9WFpxWDA=
last-modified: Thu, 23 Nov 2023 00:00:48 GMT
server: ECS (amb/6B93)
etag: "f8133b81251b8ebe23606a3d963ab5e9"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:56:51 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A182 42 B
174 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbFmtOYFWsm2jCuWCr5PD4MqXtwufcCCnV81uTJAH761RNQ1yckftxc9UCVAmEqvKr2NhgM0MwdvjamqQ7kThFj7d0UtMTEMLXL3JITnF8IeErQLIHgNN4Y-ETcgL7bBydRcaLvKQ0K3WP&sai=AMfl-YQaQHLIlEvU0WqUYf9Zx-1b6BMQlWFElXN3pJw5CQoGKvaBlXLcpkYrgGRJpgWMUeLEfH8eTFJTT8eXt0vzcQx5GXsXIOPMy_uJSI9NI3O-M7X8SMPzFh_2GYlyY6OBsjeDnmZxrBs6sMhdd8v8H-XXKjlfnsiDw_c&sig=Cg0ArKJSzIJSAr8z_rfHEAE&cid=CAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB&id=lidar2&mcvt=1005&p=1110,436,1200,1164&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3805529883&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701597409935&rpt=286&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AE38 0
54 B 608ms
243ms Ping
image/gif 2a00:1450:4019:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lppb5x5w&c=3169151273308&slotId=1584575636654&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame AE38 31 KB
17 KB 126ms
59ms XHR
text/xml 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D4fHEgPN-Mxw1_AXL_GjzdVNKAJeqRRpcL00ZUIhjridV4J5alQ5u2m8xn7Fyyr1TTA1aJMJy7Iwh2BYMMtlFK-aZhZw&cry=1&dbm_d=AKAmf-Dy8kq7e0-pSIEY2o6MfRwe9C7YilE_czwFGMk2yHY8_68YlTegsqG_z7nfLTtSlVZEQHVAq99Jb-a1-tuAyiRm-mLNtWf2p7u1x4axUIu29F6ZbUuc0NSBBQHPXVyOE-0sI5t1kSUeyJ9Gg1s6re1wKAPBOi_3Bf3nmzPjvSj4mUm9QTCfRJLNzhPbuO_5qYSGBozollVbytEolvQTjqPgUHAx0nzXjFAr7a-5FYoiW_0pcWvQb1UXg6lGjUsTIAOHiR_UeGDK5dRfvZaMLgT9lwxC_NOZ7VpttQd96SEwXUck04A-it0_bCSkgLkYeMMbAVwYVsHMD5HAgkkt1c6bsLxVeWH3UfuLFJmCFJKeEpL04tlNQN2t4Lomqmh2PjxowjQKVOp28RBH2SC0-qWmqFWJjCFyA9FqYMUwTE9XAPVV8z6973Ce_4tpCsoyhyqTduKUy4cXIeGKauq5oU8I7c4r9J7U1v4Gb0wCDBq25UHuyZS0kYR_kRjQeO0N_HP73F_6HNMXULj21-D_QCT29j9PbAWgKziAPwDiHKFSNWC8F4FFOMHE_spo01LaGDZcc5jZUupYiq-srYen0VrF8--iSnrJ4ZDVGEYyeYgB12PN6aV2khPPW1yCN3jozABI9aMnWWmdi0cOjdMS9kBKZkEmuy5tdbwuWUBp-NEt2s87wNr0I7b-TZl6GyiNJKRaqg7gtZvxEwarqiQ7fmEcA0PD-ZOEKITArOogrRqwtu_GTKxbCD4zo-nW9iKPjmfRPUsVe6d024H77yQoq6-D-_li67pWA5R6fB8mF1to-ac2E3Imlj-VDMVBEW424Q_XmBb2IY0QKEfJn8K7YGh6jLjUGS6ujMB6A9lAoD6u7oWvW2rOlMFdszi7lx97h7_ZMbo1PqoCUIGjhDySQX8izhRs9QNOqZY13RUkUJcTAM-AmNT2_K3eGEw94cT0SD23_oE8hioMLN_fazhRimSns2dc10envQoD0sgdLqztdRtlqe4FHiQIBKPZnb4FPinlXzl5gHpSeURia4mcTygbIlQlxQPSch3wL4EN0H_Mhiz13LGertsHv3y1hsfv7fTk0xOnBVIm6jylh7MAQ0laEy15U7iQRNLxvIePjvaPRYkbC2QU15Mg7CLQ6UzZwMwIe6zMrx5qaQLbUVBvRinzRoakOyEJ22_TSUK5kJA6CwYt_CbeXLRJvmh_Txb2d8avrkFHfrmmRbcJ9PSp_nMfmqBm1OCTA0sAcLdFpL4w5pIr9NVexHYeFUrVw0EzSPdqARgKPjGDbCrT9jY_Y1X9tLCV8lmRPx2Jgk0MkP9qRjlF1ONSYmd5weX3stn9E3zxpLibWYj2unCmEfaijvFtuNPCGpUIWwqdNE6gkqNFUvLkkNc61vf8LOqsLkVHxyRx0MpKmIdC3slcBVt5pQPry2sf_SEPeaHwDlkXw2mIQsVC9ouoHuoOyIT21Wl_zMVsXkhs6EI4H78NPNLx4d6unC9MRiARGruaZR1_I9i6FMbiCghTRpUT-H9LHWk1P1jHyBE7yVQTQ0jL6XK9oH6x6ZXOk0x78uaVLecn48VfNR8k0C8HtZUkT4WDdakIiXXtgRw_a4ecihwoz3hrx9OlZ2Vcby91IBgDfiKRvcnJ-9EYkMMW4bsLjkgxSBh1nfSWDcopVoCMNRApNnfl-IDbLL7WiHiRIDiEcY5SEPJI_ZZ4-WwZQ8Pd6TvVDmhaDiDOkjmT7FsYZdP5SXbPy1jwfZbzlUCAnogFvUvzh9zGx2q_b5CTTOy7Ub1cqNGiTAuAwAA5J3FpEWhHnkAFzbYIQLRnELi9xozV9mlkq6IHX5DnCqInU4d_zNqMJxNKZfDWxcsw9ZRHsl-tqeXpJREs0V-KZ3DG8-bv69StV2CtnycrF40lT1Z8Yb-JTTefua_mi0nbxCLGJN_HEg6oNGDAVm5nxEgRozdJGb2I1hUnz-D9AlU2MgnQ-jj7zlfHYQUjEWdHyOfV8A83bx-m5Dwmuo_FoCgDBBrPAHSI-pCjnTBl8lCDF32C8axQUS3OG0Cio3iJ3lAAD3jOU9aGemj23YQebgfdQvRWhPrEM6DCTYQibELkIP-Ou6sD3aZn0R0BrkSFzaytaN54z9Li4rD1dRaQB45imHw6comVDpTJJOeDpX_LGw3dvRHCT8NOFM6cLICeaDj4iCNx-EjE8kiSJal3RQrTn4qXMrPXJ_M2WEuKHYWY875Oe3S2SwUexWtl3JMDzinMN8e56ggP7l3fvf-6uNGadUW_WsOGygrEKqPxuh_s82pyL4b6N-unqLddVNEEzq2karegSNS5ekwvC_EuJnKJoOXNFgJFU8g1XsRStI-OPt2SyCAF1QAMKbm79mBoEA5EUNPIdq9VEW4sWbi3wUiRx3WHshFH3IyI5q12m6jBajp2PAy40maS27XTcBm9LiRtKMH3F190dZKGP5uZNbDegJx9s0b5benSNOKQHMJKJhGEul5VvmH8rb3uobKiomPJvpuh7nQhkpSMCneejsRZbIN93TEjFskRVVLmf7z8Ol2PoIsbkqGmqpUtZZvsSm8Xt5gOSAa28nNJq6Z8sZOM32WSc1DzjTx4F-eJzIqlL0cdjF6CANa7CnJBYU1PIcBSg8KJXfWwU2YQOCji-CoBJ9d-TkAjLRzPKVMDMb_6yYN8GAoKt9HtNWuIPQJelKwneRcW8_xMszmLvRL8VwdbSt07FfYS-Lkvd4PZ-V-5-M56DxWoKepRps8WZZ3TIV8hvqmWoQhSk4JW5W00jgDTkCCvO0dh-n7tSyqBWgE2Bc3Ilam0O8oPuGJ1ui4vg0w_zQ3pniGZlYxFYXIWeEP5oHyDB7w0dJPpLplRGrm7zS8JtJKAeOp6IVBf2O5-a81gTVsvhQYNudKtuwUSwVZ3RGBzgcstZ7kADH12KG5It89zs9OxUgj4ANeAApQLaqUCzAfMc2MslegDBKKGP-9PvOPDuG29GCjgV2_DG68Rj_U-lbF0rm5PXs4vMKc_UQTb8K2Nr0P03teybTHsLZiUwXESFwJugFEWCALs8s8Is6WV-3ZAFQ9xd7BFqdEY8Jx9IFrBgpaP5OyW03qPYW8w4uGeCi73rZNBbsQ9tsVcEEIim_HBXutn_KRmhokwArdI_T2iMpW5djmQHmhXBmcNRz6qpurj-nJypAw9-aLXiFREltGvXkYb0HtlJIA_yZ-febNJV49d7F_OGVoNLYY2Cv2VTo23DB-mZMgzwThRYfzybfHCiFNEi5fPi3GaI3z0SJ2J2BKdgQI3EKTeiv3DgDdMqaYBLqmvAsKHabv5sa6BELMhnmt-tX4Y_w2VJY1vxrS1wHYsu977FqzYzkrSdFUWZc8pJbllymjdjTL9X1RWBf2M8JkHoR-ZGkktlVbFCh-86FVCNKohJlu1BlttPYY-4CqiWBnBxk3f0dmt-1ZWrA-CdHxzVH3qGjYR_i3zBbILNpilxfegZVykCLnvkPbqgkIpvEB5leazcPoGXvay89PvXsnKLMXR6eNLaOX4CRP1-MWqULAP27-pEpt6Nh3NWHmUgmgyPzVjjya52tqobl_9YOZgaz72mUGx3goLULkhEeoQi71XvFuLt_D0WuTZXnbmYZ1lJXAy2A1oHhjLxH9UvtPDMXcwEHmkNU6PGWRC2XSa_uKDbMkC9eOhZKkZ5CDFmxJKwdezakcudaipO6LmiofiQWfsQkSPfiHTb9sO_xdE0eSHCdfEOOL0HsCLevX7AydnDxPz3mWUYnzNR29JCWrFbAgIu5K7EyB9o8xiGOLVJf4crnHHxQO00mX6DNZg58LCUBCfmBAb9fA7SEhhM41Uga4Aq1OsaLrUHK4naUy8REbMes7WaMxpG-1YFbLCeZ2o-xNgE9dA7aaJ15R9JkONL7EwKg2910otYNBPZDDo4IMFZpRHLMUdJNh8gDhOK4wZmgI0--p09pmTzxBzSFtLMGVkS71PICvinquzt2Ie_JIkPwvTcYw6PKS6F74FiMzwbYVt9sutKSHS-N8Zy-g1o_oac_oT2PfjICmNdHsD_wuxe9KKuRfit4b92FTom-7vN9uhnT2NeIYakZGyFyeWsG8MGSvPAQgDXzhMxXhl44I7nsBHBcRFzlWCGdf4hrH7_pat0YqbVysOvTYSyIREJuoJQYV0LMayGZTB7wbrgMlCcItNDCv5HBU1cH36XQsdINNjA2aMBWtuD2G3wsDR1w_h21y7u8o39GnK92wn_NNN_5RGHIzCe7vOocgleS8vG6qfQRKbQlhKcHJ0wi_88lHZMu_VH_IS6ji5RAPitBaBNTH2R4qZb6-_ET1_vtapv24t02k&cid=CAQSOwDICaaNofYLeLAnob6lxRxD_PSgscuotJhxdTltrH2DqcxAt_KCmMP_RhN2YXyrtX8FfGCJRr6g-mgbGAE&vpa=auto&vpmute=0&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&nel=0&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gpp_sid=-1&sdki=445&ptt=20&adk=1013349549&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=67F5826B-EF51-4321-BEE2-E2BEB2C36B06&a3p=EhkKCnB1YmNpZC5vcmcYgeDv-MIxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLXf7_jCMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTRkJoZERrMVRrRlJhV1ZHY210RlYwdHNVVkZsUVQwOUluMD0YieLv-MIxSAASGQoKdWlkYXBpLmNvbRi03-_4wjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKfg7_jCMUgAUgIIag..&eid=44772139%2C44773379%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804616%2C44808024&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&url=https%3A%2F%2Fhot.tinnendoc.com%2Ftu-nay-tro-di-ai-di-xe-khong-chinh-chu-can-mang-theo-4-loai-giay-to-nay-neu-khong-muon-csgt-phat-nang%2F%3Ffbclid%3DIwAR3BOTgSprMMgF-Wpmn3xqavgHVj27olS_Y0xm0XVz5gMJXUkOQUcDG20nY&dt=1701597411254&ged=ve4_td5_tt0_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f157.1e100.net

Software

cafe /

Resource Hash

1f82c5fb4faf631b8ea2bb1b8d3894fb69f30494a46d92a7d69b7b80ad7e6a7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17121
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video4.ts Show response
stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/ 443 KB
444 KB 21ms
21ms XHR
video/mp2t 2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/video4.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: a508e84018c13a0963f1cdd12b7289993a2358b4d62424597aa7e7f937e86ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
cdn-edgestorageid: 752
cdn-storageserver: DE-51
cdn-cachedat: 09/25/2023 07:17:07
cdn-pullzone: 829957
content-length: 453268
last-modified: Mon, 25 Sep 2023 07:11:02 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 651
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: b2964f3705ef4e1219a30d8c71551213
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7290 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdn3XvfDcEkG2dahA0y2D8b7P09lXWF7FOkU0ckz0GSf8-UzsvvPxTb8jmyhkZjqnKtUTugRJF-eLbrHZZWP0tvAHF4j_l5smjg-IlCYlfeOhDvTKMzzlYcr7eXrSCXWu4uE5L1mLxK_7o&sai=AMfl-YSpeiRlAqWyVQvB7Mek-igfki38sZJ8GcJ6nkaAGVFCpR-u4dt24f5pYF1_8_RHXDXLHbJiBBOP5xegNfjtTnOSoHV2vTNqIP-v-HwbWvPgDXuJNKKmr30O3Z-QgxD9F1kE0ZPCIyegAN4-yYL3KlE5hwB7Z4euJTc&sig=Cg0ArKJSzGy1KwzA0-K6EAE&cid=CAQSTgDICaaN6-B3zWXYTDCHcRCv5qn29606htXLinIK3LishOcIEvY3LhydXV-aNM_nd_sRjbDLj5DcQ6fdL9wRLff3RcU8aUvpkbH87YjeDRgB&id=lidar2&mcvt=1004&p=495,650,745,950&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=510983300&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701597409963&rpt=312&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video5.ts Show response
stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/ 402 KB
403 KB 24ms
24ms XHR
video/mp2t 2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/video5.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: e5d6d85966c358f3c69310e2421967ce6190bd1fe7ce5c456b123b85a9865f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
cdn-edgestorageid: 1055
cdn-storageserver: DE-680
cdn-cachedat: 09/25/2023 07:17:08
cdn-pullzone: 829957
content-length: 412096
last-modified: Mon, 25 Sep 2023 07:11:02 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 339
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 39a8f225ab2b29a4612002725ad99596
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video6.ts Show response
stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/ 279 KB
280 KB 21ms
21ms XHR
video/mp2t 2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/video6.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: 5ef92c8d4857c449d34ff3cc220bb775bf3b7e2dab565611fff9d32a8b1ff89e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
cdn-edgestorageid: 1054
cdn-storageserver: DE-677
cdn-cachedat: 09/25/2023 07:17:09
cdn-pullzone: 829957
content-length: 285760
last-modified: Mon, 25 Sep 2023 07:11:01 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 633
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 9d6f3d8b40aa6cec10702fe79d3e23c7
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 csi
csi.gstatic.com/ Frame AE38 0
54 B 471ms
244ms Ping
image/gif 2a00:1450:4019:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lppb5xgy&c=3169151273308&slotId=1584575636654&ghmsh_eids=44772139%2C44773379%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804616%2C44808024
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video7.ts Show response
stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/ 373 KB
374 KB 21ms
20ms XHR
video/mp2t 2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/81899a3d-9730-40fc-b584-20902d9e7384/640x360/video7.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: 1220d9003b445da2d784381c47fd2fc12273bf42351d14cd191c2d176846ade3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hot.tinnendoc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
cdn-edgestorageid: 1055
cdn-storageserver: DE-680
cdn-cachedat: 10/31/2023 19:00:52
cdn-pullzone: 829957
content-length: 382204
last-modified: Mon, 25 Sep 2023 07:11:01 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 633
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 0373e648b0af5a70b237076886605834
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 DP_DE_PN_Equity_Occasions_Nights_In_Q4_2023-376265360.xml Show response
svastx.moatads.com/iprospectdekelloggsvpaid504439310313/ Frame AE38 5 KB
5 KB 71ms
32ms XHR
text/xml 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://svastx.moatads.com/iprospectdekelloggsvpaid504439310313/DP_DE_PN_Equity_Occasions_Nights_In_Q4_2023-376265360.xml?apiFrameworks=2,7,8&gdpr=&gdpr_consent=&
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8b2e2d78b945f5cf54430f4ab6d1ece8d0d8a0d1b219d722d808466d50312c60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
server: AmazonS3
x-amz-request-id: EZA35MXKNFDA6Z4G
x-amz-server-side-encryption: AES256
etag: "d178ab319285319fa8f863688f09215c"
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 4847
x-amz-id-2: HYFctRZqSgxpwpWsXTiP8XXpVC54EnrHxJqabenEFPqLTBKOnhWYouDD1d99eAQ0I4P6pu3hi5I=
expires: Sun, 03 Dec 2023 09:56:51 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AE38 0
234 B 395ms
243ms Ping
image/gif 2a00:1450:4019:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lppb5xkr&c=3169151273308&slotId=1584575636654&vast_v=2.0&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 loader21.html Show response
tpc.googlesyndication.com/pagead/js/ Frame D76B 52 KB
18 KB 60ms
60ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/loader21.html?https://svastx.moatads.com/iprospectdekelloggsvpaid504439310313/moatwrapper.js%23vast=https%253a%252f%252fad.doubleclick.net%252fddm%252fpfadx%252fN6772.3821858DV360-AMNET%252fB30550615.376265360%253bsz%253d0x0%253bord%253d366042418%253bdc_lat%253d%253bdc_rdid%253d%253btag_for_child_directed_treatment%253d%253btfua%253d%253bdc_tdv%253d1%253bdcmt%253dtext%252fxml%253bdc_sdk_apis%253d2,7,8%253bdc_omid_p%253d%255bOMIDPARTNER%255d%253bdc_vast%253d3%253bgdpr%253d%253bgdpr_consent%253d%253bdc_mpos%253d%255bBREAKPOSITION%255d%253bltd%253d&level1=30550615&level2=DV360%2520-%2520Amnet&level3=376265360&level4=vpaid_creative_unit&slicer1=undefined&slicer2=undefined&slicer3=undefined&pcode=iprospectdekelloggsvpaid504439310313&spvb=1&vz=366042418&apif=2,7,8&zMoatDcVastUrl=$%257bDC_VAST_URL%257d&zMoatADV=10043497

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 18189
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 09:56:51 GMT
etag: 7287664291636797308
expires: Mon, 04 Dec 2023 09:56:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame AE38 42 B
64 B 55ms
55ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDg7b41BsZfpi0ZKAB6ybksAE58mgoXP-09365hG6vIzxvgEQASCivdR9YJXyi4KYB8gBBakChxZyOYpCsj6oAwHIAxOYBACqBOcCT9DdgtCiV3U1UN0-Lo-YUNelDEHQfdLMBA2YaMm3U-qXYKtYBrHbz4w3WHl_MMSAGajRF33fCt7L0j3_FL3Q_DQYBrB9ChbOhxrpmspEW8Cul6oznjwK6cSRyBlwIWTnupZusPKQWw1PNSdoRL-KTUK7yjRbqbs0pLAGsNQ--XRuHrPJtwXmMJx1l9wkaIScl4oH2Jo0l7r_nebQrnWQCedErMwVzR4gzFPFsu0rkeVTPs5J2hyOrhvzzv2YY4tSU0Sj_4eIoCAxQLlFlYZgoAyx0aIzWLUTP8IUC2buKtJczQAbKHvZcgtCjeJ66GKQEToiVyeGWronv5Tpk8VLKLxAQ1lW0dwRKpYAxtbp2Vc5wpDdmJN_d1p_RaYb5nq5YCqcxr3IsUrmCIv4pezYzq0t9X22FL3VfXutSoUFt2VO1nKxFLZhKKslusoHjqQKrsywN-jAMY6leKsQdtOF3m4WqrED8zLABKvZ8c--BOAEA4gFlsKN2kyQBgGgBnmAB7_kgNQBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYgqPuqYDzggOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCKDc7qmA84IDFVEJ4AodrI0ESLATnc_eFcgTkonU4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&sigh=esxF7mfHB8g&label=video_ad_loaded&sdkv=h.3.605.0&vci=[CREATIVE_PLAYBACK]

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatwrapper.js Show response
svastx.moatads.com/iprospectdekelloggsvpaid504439310313/ Frame D76B 75 KB
22 KB 7ms
7ms Script
application/x-javascript 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://svastx.moatads.com/iprospectdekelloggsvpaid504439310313/moatwrapper.js
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://svastx.moatads.com/iprospectdekelloggsvpaid504439310313/moatwrapper.js%23vast=https%253a%252f%252fad.doubleclick.net%252fddm%252fpfadx%252fN6772.3821858DV360-AMNET%252fB30550615.376265360%253bsz%253d0x0%253bord%253d366042418%253bdc_lat%253d%253bdc_rdid%253d%253btag_for_child_directed_treatment%253d%253btfua%253d%253bdc_tdv%253d1%253bdcmt%253dtext%252fxml%253bdc_sdk_apis%253d2,7,8%253bdc_omid_p%253d%255bOMIDPARTNER%255d%253bdc_vast%253d3%253bgdpr%253d%253bgdpr_consent%253d%253bdc_mpos%253d%255bBREAKPOSITION%255d%253bltd%253d&level1=30550615&level2=DV360%2520-%2520Amnet&level3=376265360&level4=vpaid_creative_unit&slicer1=undefined&slicer2=undefined&slicer3=undefined&pcode=iprospectdekelloggsvpaid504439310313&spvb=1&vz=366042418&apif=2,7,8&zMoatDcVastUrl=$%257bDC_VAST_URL%257d&zMoatADV=10043497
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 01fd59cfdbd38fb8a99568b198d3ccfcabd0ccc45b24f065f202a128fe8f9995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-encoding: gzip
last-modified: Fri, 23 Jul 2021 21:52:36 GMT
server: AmazonS3
x-amz-request-id: Y1QKB16A4335S60F
etag: "8978dec6a0d4fbb8729d0da7dc864b8e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2260
accept-ranges: bytes
content-length: 22040
x-amz-id-2: 1kWAf4ZitUdfLkEA5WOpynOt1tpUaFb6bv8uR5hqKnmJ046oCDHLYBKqMa3qSR/kDQ28QqrrlhE=

GET
H3 200 xml;dc_sdk_apis=2,7,8;dc_omid_p=[OMIDPARTNER];dc_vast=3;gdpr=;gdpr_consent=;dc_mpos=[BREAKPOSITION];ltd= Show response
ad.doubleclick.net/ddm/pfadx/N6772.3821858DV360-AMNET/B30550615.376265360;sz=0x0;ord=366042418;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text/ Frame D76B 33 KB
16 KB 48ms
47ms XHR
text/xml 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N6772.3821858DV360-AMNET/B30550615.376265360;sz=0x0;ord=366042418;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text/xml;dc_sdk_apis=2,7,8;dc_omid_p=[OMIDPARTNER];dc_vast=3;gdpr=;gdpr_consent=;dc_mpos=[BREAKPOSITION];ltd=

Requested by

Host: svastx.moatads.com
URL: https://svastx.moatads.com/iprospectdekelloggsvpaid504439310313/moatwrapper.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

03dced5b6e32e167dbf0585cbbd8720c9e776036f35d9ab901d71118ed02729e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16132
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://tpc.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatvideo.js Show response
z.moatads.com/iprospectdekelloggsvpaid504439310313/ Frame D76B 331 KB
112 KB 8ms
7ms Script
application/x-javascript 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/iprospectdekelloggsvpaid504439310313/moatvideo.js
Requested by: Host: svastx.moatads.com
URL: https://svastx.moatads.com/iprospectdekelloggsvpaid504439310313/moatwrapper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6838b5b1e3722d26cd9f1b0cc4ef2f7a444b6e008a6ec67137b1e96dc5226172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 09:56:51 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 08:17:16 GMT
server: AmazonS3
x-amz-request-id: Z7W843YGGXG1F6X5
etag: "20d529e87edc8b5d1bf0b1212f8847bc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44605
accept-ranges: bytes
content-length: 114371
x-amz-id-2: +GK+5sVKguZBa8y/M0TdilFBqGTlfnd5uin5ZSiv/3e3w2m58JMa1HMPTrhwlx+1wQGkhPrPTgM=

GET
H2 200 pixel.gif
px.moatads.com/ Frame D76B 43 B
275 B 17ms
8ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=IPROSPECT_DE_KELLOGGS_VPAID1&hp=1&ra=2&vz=366042418&apif=2%2C7%2C8&zp=2&zq=6.1&sgs=2&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=1&nh=1&j=https%3A%2F%2Fimasdk.googleapis.com&lp=https%3A%2F%2Fhot.tinnendoc.com&t=1701597411643&de=583854924308&m=0&ar=51bd715ca6c-clean&iw=4663475&q=2&cb=0&ym=0&cu=1701597411643&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30550615%3ADV360%20-%20Amnet%3A376265360%3A200242139&zGSRC=1&gu=https%3A%2F%2Fhot.tinnendoc.com&id=0&ii=2&bo=undefined&bd=tinnendoc.com&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=iprospectdekelloggsvpaid504439310313&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A69%3A69&fs=205853&na=680765812&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 03 Dec 2023 09:56:51 GMT

GET
H2 200 900
pix.revjet.com/interaction/ Frame 37BF 43 B
169 B 40ms
40ms Image
image/gif 65.21.233.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/900?__ads=6b4f3e3a0cd82e412acb5b5b02db1d79&vid=5100907138106782922&__adt=8240604193468599783&__ade=1&latent=0&vis_type=8&__stamp=1701597411708
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.19 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A182 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6017955146396&version=m202311060101&ct=77&x=1&cor=16910715073142140000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7290 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8750673179099&version=m202309260101&ct=77&x=1&cor=2453386933101531600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 900
pix.revjet.com/interaction/ Frame EBB8 43 B
276 B 40ms
40ms Image
image/gif 65.21.233.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/900?__ads=e5299d61d609764df9ed0dbf2fafb4db&vid=5100819177176560841&__adt=8240602643894126099&__ade=1&latent=0&vis_type=8&__stamp=1701597411746
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.19 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 09:56:51 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AE38 0
54 B 245ms
245ms Ping
image/gif 2a00:1450:4019:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lppb5xmu&c=3169151273308&slotId=1584575636654&qqid=CLrg76mA84IDFVEJ4AodrI0ESA&gqid=4lBsZeOAPJ36x_AP4K6q6AU&fb=ima_html5-lima&sdkv=h.3.605.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=0&itv=1&ua_e=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 09:56:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
417 B 15ms
15ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/adScript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

0b47ec96c472c2aa059fede00c7611d73a993fcda0b6c18d50778e6b7371bb33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hot.tinnendoc.com
date: Sun, 03 Dec 2023 09:56:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
276 B 16ms
16ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/adScript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

617e319312a0ef06f4bdaa089dfec33f5ed372697f6c4c7b34742b5b70977c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hot.tinnendoc.com
date: Sun, 03 Dec 2023 09:56:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 438.json Show response
id5-sync.com/g/v2/ 251 B
533 B 15ms
15ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/438.json

Requested by

Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/adScript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

071123ea0c7079696664d06470688f2bcd5032494c6311c6fff449c700429c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hot.tinnendoc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hot.tinnendoc.com
date: Sun, 03 Dec 2023 09:56:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1700697647055/0002NF306GH_high_1700467547.mp4

Domain: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1700697647055/0002NF306GH_high_1700467547.mp4

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 16:39:59	Name: __cf_bm Value: Lkrp56sitRwnQoLUgr91rEiUpEejlEnK0S6jTrF_afw-1701597407-0-AV8PtHOkds55W69w22azWKBkfrLq5P/FWZI6rd0deq/MXERJU1b/t7BClNg449/TStfiujQAnb0F88FxR1O4wso=
hot.tinnendoc.com/	1970-01-20 17:23:09	Name: _pbjs_userid_consent_data Value: 3524755945110770
hot.tinnendoc.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A3%7D%2C%22C1453799%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221701597408022%22%7D%2C%22C1449909%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221701597408220%22%7D%2C%22C1450635%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221701597408122%22%7D%2C%22C1452359%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221701597408312%22%7D%2C%22C1514895%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221701597408504%22%7D%7D
.tinnendoc.com/	1970-01-21 02:15:57	Name: _ga_V17JF385GG Value: GS1.1.1701597408.1.0.1701597408.0.0.0
.tinnendoc.com/	1970-01-21 02:15:57	Name: _ga Value: GA1.1.1950371521.1701597409
hot.tinnendoc.com/	1970-01-20 17:23:09	Name: _ubpbjs_userid_consent_data Value: 3524755945110770
.tinnendoc.com/	1970-01-21 01:25:33	Name: _pubcid Value: f683302f-ed05-44d5-b3e1-715cccfa6de6
.openx.net/	1970-01-21 01:25:33	Name: i Value: 1cf6adf7-9340-4227-85ae-41162a541078\|1701597409
.coccoc.com/	1970-01-21 02:15:57	Name: vid Value: T3Guu9bggbCg6Cyy
.tinnendoc.com/	1970-01-21 02:01:33	Name: __gads Value: ID=49ce9c27e6f56d4f:T=1701597409:RT=1701597409:S=ALNI_MbF8SJ6WfykXZvccO9BMq6QfUKx3A
.tinnendoc.com/	1970-01-21 02:01:33	Name: __gpi Value: UID=00000d01cfbfb0ac:T=1701597409:RT=1701597409:S=ALNI_MaZeruJYNtFmHArEln1OOJc_JuCkA
.doubleclick.net/	1970-01-21 02:01:33	Name: IDE Value: AHWqTUlBBXYkyrkZ3QPVsCshPR7iGoNM2uwIVeQkXuarAAd6vlhg4sXS8Eu5ZNa6
.adnxs.com/	1970-01-20 18:49:33	Name: uuid2 Value: 1665877379524380472
.casalemedia.com/	1970-01-20 18:49:33	Name: CMPS Value: 3366
.casalemedia.com/	1970-01-21 01:25:33	Name: CMID Value: ZWxQ4lUZfCNnainF6mJE8wAA
.casalemedia.com/	1970-01-20 18:49:33	Name: CMPRO Value: 3366
.doubleclick.net/	1970-01-20 20:59:09	Name: APC Value: AfxxVi4WhfO9KedNSY2ErGdD2hx9TdPNoua3gLK5J3-o89GEUwveTQ
.adnxs.com/	1970-01-20 18:49:33	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?asAxgb!]tbPl1M>e)ZlrFUfJ+tGXxpSPW<0lSa]+K-s'y?6q!HId@3]X^VAZ+hxD?3If)y3KL9D3I?+^Jw(G
.bing.com/	1970-01-21 02:01:33	Name: MUID Value: 26B9A84467906D131BC7BB9866426CD3
.doubleclick.net/	1970-01-20 17:23:09	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 16:40:01	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-21 02:01:33	Name: uid Value: 0f3fd548-1d2a-47b9-9af3-425d3948f580
.criteo.com/	1970-01-21 02:01:33	Name: receive-cookie-deprecation Value: 1
.tinnendoc.com/	1970-01-21 02:01:33	Name: cto_bundle Value: u0G-LV91dThoZjI5eXZxQXJiZ3d2c00xYTFDbEFISkZoa21HZUNOWmk0Zk9xNDZFZjRCbyUyQkpSWWlLeEpkJTJGTGk4QzBqYUNwenlBRlhSV0o4NjFlRFUlMkY0azZGc2EyYnI1eUtOJTJCTjZDaTBGQ2NsdnlkQVpuM0sxaUMxNGxWN0UlMkI5YmJEbENzT3VkbUVEREgyY1k2Rmt6V2lQUE1nJTNEJTNE
.googleadservices.com/	1970-01-20 18:49:33	Name: ar_debug Value: 1
.revjet.com/	1970-01-20 16:41:23	Name: ads Value: e5299d61d609764df9ed0dbf2fafb4db
.tinnendoc.com/	1970-01-21 02:15:57	Name: _ga_WZV2WB4N45 Value: GS1.1.1701597410.1.0.1701597410.0.0.0
.tinnendoc.com/	1970-01-21 01:25:33	Name: FCNEC Value: %5B%5B%22AKsRol_Lo9SL7a25hbpieCv3LNthElKnV3qQzuvcLadRm4ftkJbXJC_GaVFnow5rH2K93Uk2pCRzpx_Jd1DrhYs_cxz5KFVsrTU1S2TrD5BkdI8XQtFAVJAwu1pkIrXAiUj879TLT_tK89UYjJkq0DUyndkAe5TP6Q%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.revjet.com/	1970-01-21 02:15:57	Name: trx Value: 5100819177176560841

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	warning	URL: https://z.moatads.com/iprospectdekelloggsvpaid504439310313/moatvideo.js(Line 147) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

85bddcca14f703dd63dc91893661cbd4.safeframe.googlesyndication.com
a.mgid.com
ad.doubleclick.net
ads.pubmatic.com
ads.revjet.com
adsdk.microsoft.com
ams3-ib.adnxs.com
api.unibots.in
bid.g.doubleclick.net
c.mgid.com
cdn.adnxs.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.revjet.com
cdn.steepto.com
cdn.unibots.in
cdn.unibotscdn.com
cl.imghosts.com
cm.g.doubleclick.net
cm.steepto.com
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hot.tinnendoc.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
img01.ztat.net
jsc.mgid.com
lb.eu-1-id5-sync.com
media.phunutoday.vn
mug.criteo.com
newsbot.unibots.in
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pix.revjet.com
pro.ip-api.com
pubads.g.doubleclick.net
px.moatads.com
region1.google-analytics.com
s-img.steepto.com
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.mgid.com
spadsync.com
ssp.qc.coccoc.com
static.adconnect.vn
static.criteo.net
stream.unibotscdn.com
svastx.moatads.com
tag.adbro.me
tpc.googlesyndication.com
unibots.b-cdn.net
www.bing.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
cdn.revjet.com
104.19.128.72
104.19.131.72
123.30.175.112
123.30.175.44
142.250.185.226
162.19.138.117
162.19.138.83
170.187.252.201
172.217.16.198
172.217.18.2
172.64.151.101
173.194.76.157
18.133.129.135
185.89.210.141
192.229.233.6
192.46.215.171
2001:4860:4802:32::36
23.218.208.187
23.218.208.200
23.218.209.154
2400:52e0:1e00::1049:1
2400:52e0:1e00::1053:1
2400:52e0:1e00::1076:1
2600:9000:20fc:3600:a:e047:753:a221
2600:9000:26db:f800:15:157b:ff80:93a1
2606:4700:10::6816:3068
2606:4700:10::6816:31fd
2606:4700:10::6816:3456
2606:4700:1::6813:854c
2606:4700:3030::6815:27ec
2606:4700:4400::6812:297f
2606:4700::6810:5914
2620:1ec:46::45
2a00:1450:4001:803::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2006
2a00:1450:4001:830::200e
2a00:1450:4019:808::2003
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:1b::1724:a391
34.102.146.192
34.120.135.53
34.98.64.218
37.252.171.52
51.77.64.70
65.21.20.220
65.21.233.19
0015e4cfc3d70d2c01256bc2774b0853c91466b93c82a1fbc9dc40dbd36531d4
00c17bae700b4235e485b3616e1d043ccc97f849bc567ee13a1c8dad25497178
014b890244de1ead0c47ca13b562cd94255f890914fffad027e135d9b57549f7
016c8030312cfd2ed1c48e63d4bd624309ac0274087155dd6675a0c6f4b0a3f1
01fd59cfdbd38fb8a99568b198d3ccfcabd0ccc45b24f065f202a128fe8f9995
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
02d8d8d1d3f164722d3aae632d7f0847fa5e99e1f0bc0442043779016dc2f500
03dced5b6e32e167dbf0585cbbd8720c9e776036f35d9ab901d71118ed02729e
04d7c3ad2bff68aae01884ba571cf05b0466487268ff608f4acea24e94144443
071123ea0c7079696664d06470688f2bcd5032494c6311c6fff449c700429c7c
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
09db039251766d76dd3ec8b446813be70778c66e060c306b63ceb96aa200b4af
0b47ec96c472c2aa059fede00c7611d73a993fcda0b6c18d50778e6b7371bb33
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c95ec12dc6c2ab6093951c6b917ff6c896553f1ce59a5ed02baf1235baedc25
0cdf7ea3b474c0386095c61755691af8545e472b38686666ef5f9854eb1180bb
0e1456dcaca3f64a8d541fbe5230f8841adfdfdf917a6e1ddef68ec75e817bb9
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1220d9003b445da2d784381c47fd2fc12273bf42351d14cd191c2d176846ade3
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19986e814cddc1bd987c6ffabeb017f888999b87a4f839e36c44736e533a1135
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1c3af2614aabee6cf955284128535ee8569df0d5553045277e0d69a3a48bf380
1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f82c5fb4faf631b8ea2bb1b8d3894fb69f30494a46d92a7d69b7b80ad7e6a7f
207f0edcb6683eb56058120817f430ef1ea03a232843989320dbf7ee845384c1
239216b805f39d63cfe2b55e7c49f4ff35496f3747702dc90ac3933dc200842d
255d2272ccc47ae60b8fd1e466f6f32cebe175387fca014ea7c64d620855220f
25ed3695f22ec36c54092bcdd0c6bf8b21b388d99efcf0f5968c2bd1a1ef1338
2701ec7021fe014ebee553978db5bdd52edec511ce1a50425742ca55d429c693
27c91b042b50c145ccbe32c722d890e2e13b662302c269e1c990591348d98875
2a27432eabcee058a7014c04062dffc9cedb33ef2dbe98eac12dc3dc2e742462
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2c3d87543a457235cb5521ba4492f8283257d0b6f9794132b3773dd76858a299
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30fb6901b7410f1e6798fbf23acbd37c183416d71d0a18bafbdcc114d3fb7054
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31920b5f996493691041f09e041678711f4fcdc79031a64bace197cc19c5cbee
347a1056239fa107b858d51b0a3f435d1803b27b262c08463a414047294146a9
35851c34e4be78d12fc79cbf6964e7fc614c8ff0a7f6d32e223f2ff4ba84af09
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
38da5dd1d1b8ed934ce5d4021cf460084bdb4609aaa983fee80d6a9bd79a376f
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
397a7ab97ed133302f9560f6ecdc7a2b9327e92738f9e434b57f5f77a89a477f
398472186bb1ae9e295e8f469e10d896567b2f88b01eadefba4425e067737b93
3a0cfeb3ca8a8574d1b96bb634739f2d33525dea2cfa52a958b685bdb597c594
3a2903897d7db11068fe7aa97edc0060850c94991af5920f6ed0c2b61d1cb42e
3b2db07955031fde097f90106d743765e0a37de575ded96a2bd609f9dfb3d29a
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3c2e14ef08a2b8cf858271cc2f6491e505833c67022487e542b2eede8d6c69dd
3c7ecff13dbf5cabdd126adfc0fc9d3541bde84bfee23399dbdf5fec22528a1f
3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b
406bebb7d8be40f2f5338fef95a4edc5c1ac9642407e5afb53d017bdf99d47a6
42dd582f38f02c692321f9bbf999f14fe571131db327c94ba2677e1c79c2e4b7
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47698525d088cbf7b080915d5afded9c7c5bffe55117bbe90f243d181d0e9fae
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
497d9ea1b444bcac2b2f722dca9d5dca800ebca674991856e12f93c1647a71dc
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4b40669700f9b79a0b8a6d5977455a91e6a114af9fe17c532db209d0e3d5008c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4bc9791bcf0b5eb3bc714f4765a19aaa20f3b498c04aff829a821e03fae4cbab
4bc98d0358f953e232802b11e33131c4704c48136d67b4f797b21af59d4d3225
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5393771772c1bd3c3284c9d47637aa92ae5505c0b464607c816cf381d84bc2e6
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561e47ef00c66ab8f61bc5b4dfb05758c6251271e2ebafa3fd6b223f8e0ea807
5cf0d589127ea8b98dac129f74506b8a199d7b613cab0cf586ae95ee69428a4b
5ef92c8d4857c449d34ff3cc220bb775bf3b7e2dab565611fff9d32a8b1ff89e
5f6f9d0243502b97869f93bdaf732854b64f720e7b0aaea1268c8a063131d953
5f86fbe6f9cda69add588670bf8a9781f83e7ed2fe7b1b07c4172fa6eb080bc9
60c0ec445e43c977bbf021f011c538db585842442f5ee858682f3ab3016d1c01
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
617e319312a0ef06f4bdaa089dfec33f5ed372697f6c4c7b34742b5b70977c1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63a82218df3cc4661499edc06cfc6b276385240f9e9ac5cd404e7384afa73abc
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
64511eb16b26a657642ebf4cdda009893f812c71d87b3eaf9ede851b2d2fa928
65a5a9b2d5aee687f78c896e2b63e4ece89167952caed36d43e53d3464878aae
6838b5b1e3722d26cd9f1b0cc4ef2f7a444b6e008a6ec67137b1e96dc5226172
68c2aca7089ad165c8fcda6fe5ebdb0eaa04b59334561431e69cc574e2346eee
697b02aa25bf407d4d65fba4e398a250d8f309084e8b4c4fee9118239fbfaaf7
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7
6c80e64a6bf93c5eb5d55eda08edb25e959644b74a20ef7adcfbbc76af6967d2
6caf4920eeb817f57e32ab8d2f5851ea0c3613d4ed9a867a8128e5b5fc075295
6ce1eec1e4da25be9c215734ad555eb5c3587f7abdcde8054c7e83a4c5b14413
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6ffbc4ab41fea680a0df5bcbd1804c9d2d3baa572eee8c69235742cf5d390c72
7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e
7151d2dc1d59cdfec801ce205e4903d918ccd390d20b91e3025e0a7462362a14
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7461eec0cf90ba939065fe5e10e95d1ad87db5aa9bb73d30706b7cbadf964ed2
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
77eaae9bcbed9101f50b7207ad3e396d971da4db2965729d683a533ec4244a25
785262c31960480e3ad1e1cd1df97203d954cb3ec895591d60b81c87f3670ed2
789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac
7a472105a534660ddd70cb0d81544fb82d0f0a8ca7e4bd24245942223b947248
7b97290fd11bd60cda70c7d923a77f68d3e70efa7844a543d4806e6f68a55447
7ba59bdfa5df7ac0f5efd3d15e24f89455c8f30e3b8260586c0429b2219c2887
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
84b94e15521293db9f5440fb8a4ffefe060367fd67d2256d54323978c9e487e6
8b2e2d78b945f5cf54430f4ab6d1ece8d0d8a0d1b219d722d808466d50312c60
8b84495e0e00851129198a3d9676758e12767ab5315e82635cb900ddb46c41fe
8bec913f48cd8d1086e694d76d8ed0c2c1d9a10c39c68c9e64f7f7d6711775c5
904c5ef336ffeafbdfa1793a67414236218bd6f5c422d9b795adf1a5ce6fa348
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
98f0e603240d784d9646b0d0b5c72a972c840c60ba8528e702950e0e06d48052
9ba82163964fe2d9b2873027486511bf801b71e24d35e90e31bd9d660409070b
9c97e1c156b888afbb54fd3e9335062f8e571ad15d342628b1e0730ce2a8e29c
9d3bc8424364648b6163eee67ecb6c8638e383e2932b781a1f65879134e8e27b
9fac3e33c9cfb1292e532ff09ff978a92bcccd41a1bd79c6a13dc5631c712a8c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff7bcb54c5a572a063dea4924d151a49cf9f2f5b7df6b9e5c9452937d126783
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745
a26c30cdc8c9e276e1d258d71388c1b47bf96c27fa3ed4a35d63250c2881d8fc
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a508e84018c13a0963f1cdd12b7289993a2358b4d62424597aa7e7f937e86ab3
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab079fffae087a27af4cab8a6bab453cecd659199e4848aeb93e0995859511c7
abdf12e68945f7d97f4e3a4dde432b9676b51c7e23cda89a74003f2f92ed24e0
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b08a36d96cac05486785f83e89a94d5ab0cf77b3f6367055b2ae2ceb5ee3901c
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b178a09f39fc312546292a10d61d6244fe4b142c6bc5fdab6072b6c5676fac97
b2600df86ae30fded7c5a85f4a41baee7be58a184a5fd17c946de5fda61b725c
b3462a4d284ff854e824066e80d1b5d502ac124c44c7a61328a797b1b130bc74
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b7f6aa278321bbc25a8c1725572e0c2ba9762e7c46c5de74bdc4e0172438178b
ba7e24a83ac9eef96e255963d8d70ba51a24318f4343d2707a0917480e220cc0
bb4ecd643ac5900e53fb47a1c289514d0978c294626d64ff551b9f1ea6cc928d
bb7ef089f6084f34c7622e97e4c8ced7c863c369894390a98cd44fc66d09ea39
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c265932af732894ea2ecb93a59857589a48826c537bfb2d222679c3c573a267d
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c32ba0de551a8f36a7b998107080cc435cbd3b31b6c5952bb502c68435bf2584
c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e
c54d5a813b649a6d395c5e07cfd243ca144511f66249049bde0df2f527bf8ad5
c60f119f941167d0d2a4f6ebf7dcc455b2e40f8e900e83f64f86703c0b821b07
c6193e6bd2040374c6402698c2d02ead6017511945260c5cd67ee2b41499bf75
c715dc74a62ecfe6e7df293d073c2d42b9e2f867557b4fe7700ee89ad38a70c6
c814e60fbfa155a4cbf47ae486db41e866285f48cff7d887afb2462e760d91b7
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd2f0e5e49c78295ac0ef3c0c28516ea142463ccf98d60bbd9e7e0833a037bb7
ce68ee1503d5898f130368ff0438b2f891d6c3b22d88e1513e5600bcf5bf9f23
ce82683c599088d469c58e316c366d1922f0bfb887ce22b48ec2d4aa26f989ca
ced9db9e35973303bc4762de4171a6f879a47eeadaca124a6782f2e6d033bfd0
cf0cf201de44dd5ac4fb6d1ee4a1f7263971ba85f33b4992c6425dcaa8ade1d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d4d7a10361dc63d3a8ebdfde96a9848e2a9968b3cb78ffbaee9c6b877bd74a40
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7ad0129c0a5caa342938aeb746f2381a8a4a0517f7de4cf74445040c35deb9a
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
ddc6edce54d8c476571435a0f626d9fb52fc187fa002067bbb6c961da5974eaa
deb50842709a38b667580a304bf6ed8671a9cf96f783c47320964b20930cef6c
df6c38ab272af9d44cb5021bcb6e2ea26f42e4ce2b0bae5439fa53037bdd5260
e14b585f5602ba9e45ae8d8fd5c473f47a70d75bdaccbaf2676d722111c045eb
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d6d85966c358f3c69310e2421967ce6190bd1fe7ce5c456b123b85a9865f01
e73b1d66dd6bdcb40a2e11b2617a75598bda3dfbf918b42fbb5d7ce02672c820
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
f45ad37f2408a41741a5195f2790dfc907a984455fdd81b49286ea94a5045be7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f95f3a798d207f7d4c791306b3606897d076013a843fa4a44a078a4d09d0f2cd
f97f50780895cb200405df8c7bd49cf19ff8b443e2273064aeb1608b55b43e18
faa3f2d45fcfe74d5989ce934c6fbaf3fcdced919c5f229fc23f068b6a6317a2
faed53a6f9fc1eaad51969d10a543b28278ca417f8f0d1c61284962782ef20c3
fb242b5f299cd08ee579ad1b46e13cb235bb595dd10b03fab7dfadfc61103be6
fc34f53558defa10110e7223345a1e2194cfbbf7fc818393801ba7118676194d
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fffb77ef84f502854a497700b265ddf8ad08798a445a43de3185e61d74fdb98f

hot.tinnendoc.com Open in urlscan Pro 2606:4700:3030::6815:27ec Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

332 Requests

89 %HTTPS

55 %IPv6

39 Domains

66 Subdomains

59 IPs

9 Countries

11357 kBTransfer

19300 kBSize

29 Cookies

2 Outgoing links

Redirected requests

332 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hot.tinnendoc.com Open in urlscan Pro
2606:4700:3030::6815:27ec Public Scan

Screenshot
Live screenshot

Full Image

332
Requests

89 %
HTTPS

55 %
IPv6

39
Domains

66
Subdomains

59
IPs

9
Countries

11357 kB
Transfer

19300 kB
Size

29
Cookies

332 HTTP transactions
9 data transactions