Submitted URL: http://ecdyno.pics/
Effective URL: https://ecdyno-pics.ngontinh24.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On December 19 via api from DE — Scanned from DE

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 38 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ecdyno-pics.ngontinh24.com.
TLS certificate: Issued by GTS CA 1P5 on December 4th 2023. Valid for: 3 months.
This is the only time ecdyno-pics.ngontinh24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
10 cookielaw.org
cmp-cdn.cookielaw.org — Cisco Umbrella Rank: 165362
cdn.cookielaw.org — Cisco Umbrella Rank: 324
189 KB
6 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
185 KB
6 monu.delivery
monu.delivery — Cisco Umbrella Rank: 27986
imps.monu.delivery — Cisco Umbrella Rank: 32801
184 KB
4 gstatic.com
fonts.gstatic.com
169 KB
4 ngontinh24.com
ecdyno-pics.ngontinh24.com
36 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
236 KB
2 ecdyno.pics
ecdyno.pics
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
6 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 548
245 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
4 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
261 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
91 KB
38 12
Domain Requested by
9 cmp-cdn.cookielaw.org monu.delivery
cmp-cdn.cookielaw.org
ecdyno-pics.ngontinh24.com
6 fundingchoicesmessages.google.com ecdyno-pics.ngontinh24.com
pagead2.googlesyndication.com
4 fonts.gstatic.com ecdyno-pics.ngontinh24.com
4 monu.delivery ecdyno-pics.ngontinh24.com
monu.delivery
4 ecdyno-pics.ngontinh24.com ecdyno-pics.ngontinh24.com
3 pagead2.googlesyndication.com ecdyno-pics.ngontinh24.com
pagead2.googlesyndication.com
2 imps.monu.delivery ecdyno-pics.ngontinh24.com
2 ecdyno.pics 2 redirects
1 cdn.cookielaw.org cmp-cdn.cookielaw.org
1 fonts.googleapis.com
1 geolocation.onetrust.com cmp-cdn.cookielaw.org
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com ecdyno-pics.ngontinh24.com
38 14

This site contains links to these domains. Also see Links.

Domain
cookiepedia.co.uk
tcf.cookiepedia.co.uk
onetrust.com
Subject Issuer Validity Valid
ngontinh24.com
GTS CA 1P5
2023-12-04 -
2024-03-03
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA
2023-02-23 -
2024-03-25
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
imps.monu.delivery
GTS CA 1D4
2023-11-13 -
2024-02-11
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 3 frames:

Primary Page: https://ecdyno-pics.ngontinh24.com/
Frame ID: FB5C5D8C2D2F0A13420716C09F75A00E
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: E31888942C8F748331675546E5DFFEA6
Requests: 1 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: A55A4DA09C45944254270D4B406C590F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Ecdyno - An Experienced, Professional, Authoritative And Trustworthy WebsiteBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://ecdyno.pics/ HTTP 301
    https://ecdyno.pics/ HTTP 302
    https://ecdyno-pics.ngontinh24.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

38
Requests

100 %
HTTPS

93 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

1099 kB
Transfer

3719 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ecdyno.pics/ HTTP 301
    https://ecdyno.pics/ HTTP 302
    https://ecdyno-pics.ngontinh24.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ecdyno-pics.ngontinh24.com/
Redirect Chain
  • http://ecdyno.pics/
  • https://ecdyno.pics/
  • https://ecdyno-pics.ngontinh24.com/
70 KB
16 KB
Document
General
Full URL
https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c0f5a843ebcefffb0eb2aa290b809e57baebd6e44230eab89157def389bb1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
immutable, max-age=31536000, public
cf-cache-status
HIT
cf-ray
8382a0fa0fc792b9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 21:09:49 GMT
last-modified
Thu, 09 Nov 2023 03:18:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wTh1aaHMelVc5UNBqPA7%2FjUhSMTamj0TAXtKi%2F24%2BttQLxC9vHD4t4fA3X5BrKLSsu0DmdK%2FgaC%2BK8xBTdRiXe4jsI0LA%2FbbwFbToAQVpDCUkG4VzmfBPp7eX94dGxqPayehilz5F%2B1aBZqdaI%2FYVaDwbQ6rB4FmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8382a0f96ec93a8e-FRA
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 21:09:49 GMT
location
https://ecdyno-pics.ngontinh24.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4IGgb0F7s7if8aORVf2th1tfXhws442oECDW37ZWHQI6ovDBQQowZVXK967P7xkwJbZQueCH4bkxwMGbBFJQGZr%2BakOlYa%2BIGsspRE3hRuXAGwTYLOGmgNhaho0sfL0Apdgg15jM9IE8A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
newsike.css
ecdyno-pics.ngontinh24.com/css/
49 KB
10 KB
Stylesheet
General
Full URL
https://ecdyno-pics.ngontinh24.com/css/newsike.css?id=77c5e826b503d7fe3cf4
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04ec2ca6ad8c920ea4a50f07f94aebb37e8aa673fcddd048b232a8c0b385e97f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 19 Dec 2023 18:32:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTnXTtZUo2hVwMSYNWL%2Fo%2Fk%2Bmuo%2BoME2tbDNSKB4QAnwzA41f0IXMpHL9FgmGJaKwGdz%2BHBotP0nR3GJhm6qwe77xQQmP0Tz26eKURT0eGKro8LkrTcVyqbo28BaL9LIpkI2kAcQZ%2FHO87E757WwJ3vK0d9V8RMILw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
8382a0fa581192b9-FRA
alt-svc
h3=":443"; ma=86400
newsike.js
ecdyno-pics.ngontinh24.com/js/
21 KB
9 KB
Script
General
Full URL
https://ecdyno-pics.ngontinh24.com/js/newsike.js?id=2bc7a738c76de8ec59aa
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af284fa768787fbb6b7efb8b20e162fc80630596797d1f32bc7cdc34bfcc564e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 21:09:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6PBhUOWhRlKaFOD1Q8BYqNukkbd5LAN8LOLylMCffA%2B9%2B%2FzSX1HjUSkLxULPxudzlY8RX6DcIX8YamrAJKsVeCgvdrRnniTc5ppjeG01XmRdmiuSVMh7JC3AhSq8FvZzbYmgyDzuDWX9tNhJe1KZKzUARHbCeo%2FPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
8382a0fa581692b9-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-54725HQVMF
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2032446fff4fe4dff9ce77608d976d96d188cf6ba388fe109ea4981dbdb66dd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93023
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Dec 2023 21:09:49 GMT
d82422-8575-448e-84fe-fa092518ca2d.js
monu.delivery/site/f/d/
65 KB
16 KB
Script
General
Full URL
https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
526cc893461119c48f345195651b244526521fb18083d45f4a6238b379ef87e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:49 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPocR8ud8RRVxQajFfbsWvfgOCkXezd4_aaig_xqJUIZrUcZfLsmWKx-7Txy1raF_NeOflAfXmRrcw
transfer-encoding
chunked
x-cache
EXPIRED
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1703008296605621
content-type
application/javascript
x-goog-hash
crc32c=OZ17Cg==, md5=hUQQoJvOZzHbadIfHtdDEQ==
cache-control
max-age=7200
x-goog-stored-content-length
66328
expires
Tue, 19 Dec 2023 23:09:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7109864259348938
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd0de2f0c937d2d84a62d606a4220420e4a0df4f4a6eaffe79c48c9faa09ad05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ecdyno-pics.ngontinh24.com/
Origin
https://ecdyno-pics.ngontinh24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51306
x-xss-protection
0
server
cafe
etag
9607742763095139072
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 21:09:50 GMT
pub-7109864259348938
fundingchoicesmessages.google.com/i/
182 KB
60 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/pub-7109864259348938?ers=1
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
864ff1463453df20d2c3a8228eb1bbcdaa2b8c7c399cf9958c7af64c236dc40b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ynI04N8IhjK6Mda1CqZZwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ynI04N8IhjK6Mda1CqZZwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
261 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-54725HQVMF&gtm=45je3bt0v9120859566&_p=1703020189869&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1981676694.1703020190&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703020189&sct=1&seg=0&dl=https%3A%2F%2Fecdyno-pics.ngontinh24.com%2F&dt=Ecdyno%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=440
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-54725HQVMF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 21:09:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ecdyno-pics.ngontinh24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/
5 KB
2 KB
Script
General
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-encoding
gzip
age
1793
x-guploader-uploadid
ABPtcPriP-Pk4fpGlsBAYNOByqAcL3GasMmkwsdsTarU-KkvOmVfvq8ACf0T8XHr123mPbuaTxU2xPh49Q
transfer-encoding
chunked
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
connection
close
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-generation
1598340963244234
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
expires
Fri, 13 Dec 2024 21:09:50 GMT
pub-7109864259348938
fundingchoicesmessages.google.com/b/
11 KB
6 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/b/pub-7109864259348938
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47c0880fc455dd679f16fb0696eed65e3e926bf2978dbd81ff74a5f9b11acbb6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rj97IEtnQYkGJjRU7aJsGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-rj97IEtnQYkGJjRU7aJsGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
50 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/js/newsike.js?id=2bc7a738c76de8ec59aa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
671c5de9a1fdda01fd37094d7de06ae8aa84dc0f0e6fbb9646d95cf4be8a85b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51489
x-xss-protection
0
server
cafe
etag
849810912722920489
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 21:09:50 GMT
otSDKStub.js
cmp-cdn.cookielaw.org/scripttemplates/
13 KB
5 KB
Script
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2598fd0548d38d4414901e577ef33247f82a30acdb68a74236496143f7077192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Dec 2023 21:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
JVAndnKaGjIy3NFOrT6xPQ==
age
2286
cf-polished
origSize=13478
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 05 Feb 2021 17:39:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fcf16ae6-d01e-005d-606d-0cde52000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
8382a0fbdd0c199b-FRA
expires
Wed, 20 Dec 2023 01:09:50 GMT
d82422-8575-448e-84fe-fa092518ca2d.js
monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/
588 KB
163 KB
Script
General
Full URL
https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
1dd8736e6e8096826b63ee0d4716dbfbc4ded4c79deabe244c453e3925c4d382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPr5MGFZZwFdIjZFIOIpYfxmS-mBwMpDSgPNobAzOxFxKP0BRBmbp9nCd_FCJWYRkUE-1MR7Idi9Nw
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1703008299440569
content-type
application/javascript
x-goog-hash
crc32c=I2hYuQ==, md5=z+ZKgdlrl63Qr/dKKSqodA==
cache-control
max-age=7200
x-goog-stored-content-length
601378
expires
Tue, 19 Dec 2023 23:09:50 GMT
/
ecdyno-pics.ngontinh24.com/
0
0
Fetch
General
Full URL
https://ecdyno-pics.ngontinh24.com/?adPageCd=
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/js/newsike.js?id=2bc7a738c76de8ec59aa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 21:09:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orrdtQhw6jbtS56VUWVa%2FPExgjLVTr6ahISo6GU6QvnjBqz2r1AZ0TYkGg98aru4hc67zvcC8Dpu850ejYsVk%2FS70b7xJLH6JjwaJf4YJhzUfF5H6kUXtRcoRJHjI0Z8EtjjTm8uqRAely9KOWHdn2CanBgzPeiDHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
immutable, max-age=31536000, public
cf-ray
8382a0fbb98b9b8e-FRA
alt-svc
h3=":443"; ma=86400
AGSKWxVBr7T-i2PzTKHlzrtrnnlK37Y9xUQ5vL_yjIgZVoAZGbkRdfjo6u93_0OWE-7YUkEG_uuI_W__XTcTp7PVqBDgjQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVBr7T-i2PzTKHlzrtrnnlK37Y9xUQ5vL_yjIgZVoAZGbkRdfjo6u93_0OWE-7YUkEG_uuI_W__XTcTp7PVqBDgjQ==
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bLRc4OE7eSA7qZ_B1sOU_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-bLRc4OE7eSA7qZ_B1sOU_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ecdyno-pics.ngontinh24.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7109864259348938&plah=ecdyno-pics.ngontinh24.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7109864259348938
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b71e10537a1746b13d2395aa5fc2ddbaebb78944424cca34165cdac385a1eb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137965
x-xss-protection
0
server
cafe
etag
15676628115736670725
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 21:09:50 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame E318
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7109864259348938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ecdyno-pics.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59396
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 04:39:54 GMT
etag
5585625838579639069
expires
Tue, 02 Jan 2024 04:39:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame A55A
3 KB
2 KB
Document
General
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer
https://ecdyno-pics.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
0
cache-control
max-age=31104000 public
connection
close
content-encoding
gzip
content-type
text/html
date
Tue, 19 Dec 2023 21:09:50 GMT
expires
Fri, 13 Dec 2024 21:09:50 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
HIT
x-goog-generation
1598340969597109
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-guploader-uploadid
ABPtcPrsWZBL1OgnhcwJHxFGT7N3x5R2_RF7m6MCIzhQrkWKwSuinQmzEt1aHJQeahamNksY13I
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/
3 KB
2 KB
XHR
General
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Dec 2023 21:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
content-md5
tXBT16ktnX7ktreh09r26A==
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1ecb7475-c01e-000c-7ebf-3243de000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=432000
x-ms-version
2009-09-19
cf-ray
8382a0fc2ac19966-FRA
AGSKWxUXCeX06bL6MZbsOB-jY9JrK9qyaJkkd3bbf4kbZvAL5ijCwawCeEtCRnrA1liGyH8k3rWe3z0EJV349lS4-UZUiioHhD4CtWTsFRs26iqiBQTJh5PHekPn2djXcoFCOs3R3K8S7g==
fundingchoicesmessages.google.com/f/
368 KB
59 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUXCeX06bL6MZbsOB-jY9JrK9qyaJkkd3bbf4kbZvAL5ijCwawCeEtCRnrA1liGyH8k3rWe3z0EJV349lS4-UZUiioHhD4CtWTsFRs26iqiBQTJh5PHekPn2djXcoFCOs3R3K8S7g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDIwMTkwLDEwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9lY2R5bm8tcGljcy5uZ29udGluaDI0LmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJkZSJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58895fda7b25eededf23c0d574400cf26ae4506fa9212620499b5bc560f7f3d4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RQMtptWDuX1FUWumuP05ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RQMtptWDuX1FUWumuP05ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/
37 B
515 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=a5183aa0-67dd-415c-ad32-684c1f4777a0&a=p.d.l&u=IN44NM&d=%7B%22c%22%3A%22DE%22%2C%22r%22%3A%22HE%22%2C%22p%22%3A%22%2F%22%7D
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:35:45 GMT
age
1463645
x-guploader-uploadid
ABPtcPrl8V0pkV6ompZ1e2tY9z_3otngHeGW4ytnt4gKeYTcwgA6ffXGemWsdMX4xkILZU9mvDc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 01 Dec 2024 22:35:45 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
77 B
245 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac1c925f26640ad9227061f173993d7c7253ccc587fe41d8291aa1e7c8b9474
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
8382a0fcb8da381f-FRA
vary
Accept-Encoding
content-type
text/javascript
otBannerSdk.js
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/
366 KB
81 KB
Script
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e760afd8b413ecb7bd30370d4e5e2bfd5a847e8dc2c0f0e39d7621eba92c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Dec 2023 21:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
2hymstrqSFu7c4C3tsoodg==
age
3564
cf-polished
origSize=374787
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 05 Feb 2021 17:39:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ee22f539-701e-0054-10a8-219b81000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
8382a0fcee3e199b-FRA
expires
Wed, 20 Dec 2023 01:09:50 GMT
ca-pub-7109864259348938
fundingchoicesmessages.google.com/i/
182 KB
60 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7109864259348938?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7109864259348938&plah=ecdyno-pics.ngontinh24.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cfb20be62453027543444e88f46ca1d83269dd8ac57c1c079d6e39af856df88d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mUDOOLFqetQNnjcAbD6JgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-mUDOOLFqetQNnjcAbD6JgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
77 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwWfbcbLtnPlY16R7U9M_hg5D_tIw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a10fe1b88e1a761cfaae5b9237736e40d78f69cee7afcb2f0081cd9585614bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 21:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 21:09:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 21:09:50 GMT
en.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/d3a41f70-70b4-4dcf-8a71-84c30d7fbc6c/
37 KB
9 KB
Fetch
General
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/d3a41f70-70b4-4dcf-8a71-84c30d7fbc6c/en.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbafb4fa88edf10e79c8a8361b4eb2f365b5d5af700354e140af131ed2bcd208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Dec 2023 21:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
content-md5
6aAZFzb6UKpVDwi1VwLGeA==
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cdd3cec8-401e-0002-26bf-326a6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=432000
x-ms-version
2009-09-19
cf-ray
8382a0fd5c199966-FRA
iab2Data.json
cdn.cookielaw.org/vendorlist/
398 KB
57 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7daaea0e23f1b46b8cee7ee002e8b5e16dcd602bae7990a073e6f77a40a33984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Dec 2023 21:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
T2EO+M5YujGweuw6GKbrmg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
58301
x-ms-lease-status
unlocked
last-modified
Tue, 19 Dec 2023 18:05:27 GMT
server
cloudflare
etag
0x8DC00BD14BF29CF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
db94cf7c-f01e-0049-44bf-327b68000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8382a0fd5c1a9966-FRA
otTCF.js
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/
67 KB
15 KB
Script
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otTCF.js
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a394d231cf4239d223b519366211f838236e4a3c2b76037e013bf8dabd43a749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Dec 2023 21:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
KgOdlQGhgiHAfAnDQiJaFQ==
age
2607
cf-polished
origSize=68680
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 05 Feb 2021 17:39:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e855e459-001e-0003-31d5-1235b2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
8382a0fd5ebf199b-FRA
expires
Wed, 20 Dec 2023 01:09:50 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ecdyno-pics.ngontinh24.com/
Origin
https://ecdyno-pics.ngontinh24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:54:06 GMT
x-content-type-options
nosniff
age
44144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14720
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 08:54:06 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ecdyno-pics.ngontinh24.com/
Origin
https://ecdyno-pics.ngontinh24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:59:49 GMT
x-content-type-options
nosniff
age
43801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 08:59:49 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ecdyno-pics.ngontinh24.com/
Origin
https://ecdyno-pics.ngontinh24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:27:58 GMT
x-content-type-options
nosniff
age
297712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14544
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 10:27:58 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ecdyno-pics.ngontinh24.com/
Origin
https://ecdyno-pics.ngontinh24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 07:29:10 GMT
x-content-type-options
nosniff
age
308440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14048
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 07:29:10 GMT
AGSKWxXb2yVbguUT2fdn8FT9jZ-2VYR3UKSFg8uh3m2m1xrHEoUHphMFWGzSrYML9osJMnxowIFnEvccnqmFkIR_RnJk0yoeqRGscbMeK-J-xQPGs_MFbkQlit7VSJUGgHbZSBFYhJ_opw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXb2yVbguUT2fdn8FT9jZ-2VYR3UKSFg8uh3m2m1xrHEoUHphMFWGzSrYML9osJMnxowIFnEvccnqmFkIR_RnJk0yoeqRGscbMeK-J-xQPGs_MFbkQlit7VSJUGgHbZSBFYhJ_opw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PEf1u9SSQgmKz7iz8QXt-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ecdyno-pics.ngontinh24.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 21:09:50 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PEf1u9SSQgmKz7iz8QXt-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ecdyno-pics.ngontinh24.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/
37 B
99 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=a5183aa0-67dd-415c-ad32-684c1f4777a0&a=p.l&u=fdd82422-8575-448e-84fe-fa092518ca2d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:35:45 GMT
age
1463645
x-guploader-uploadid
ABPtcPrl8V0pkV6ompZ1e2tY9z_3otngHeGW4ytnt4gKeYTcwgA6ffXGemWsdMX4xkILZU9mvDc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 01 Dec 2024 22:35:45 GMT
otFlat.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/
12 KB
3 KB
Fetch
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/otFlat.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Dec 2023 21:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
IQRggZnL4QDFwfiXP8gbfQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2822
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:03 GMT
server
cloudflare
etag
0x8D8C9FCEDFA3E76
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a6ad3ac9-901e-003e-64bf-3243a9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
8382a0fdfcda9966-FRA
otPcCenter.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/
47 KB
11 KB
Fetch
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/otPcCenter.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Dec 2023 21:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
6SSYYj+cvj/lp8HQvP6bVA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11379
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:05 GMT
server
cloudflare
etag
0x8D8C9FCEF4A85A1
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
57b92494-701e-0036-48bf-3259a6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
8382a0fdfcdb9966-FRA
otCookieSettingsButton.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/otCookieSettingsButton.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Dec 2023 21:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
CaGQ5l/lz/RAB/LfzD6w5A==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2178
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:05 GMT
server
cloudflare
etag
0x8D8C9FCEF05A5C6
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6bf9f61a-d01e-0010-52bf-3211be000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
8382a0fdfcde9966-FRA
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
cmp-features.js
cmp-cdn.cookielaw.org/consent/cmp-features/
8 KB
4 KB
Script
General
Full URL
https://cmp-cdn.cookielaw.org/consent/cmp-features/cmp-features.js
Requested by
Host: ecdyno-pics.ngontinh24.com
URL: https://ecdyno-pics.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358a6fb3a6bbdcfd11f73307f4b23453770b4e1a0d49205d240fe4ca4593733f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ecdyno-pics.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Dec 2023 21:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
9u6YIWGeNVQg6qhQV2zLqg==
age
66781
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
69f6c13b-101e-0030-01e1-5a6a19000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=432000
x-ms-version
2009-09-19
cf-ray
8382a0ff5908199b-FRA

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| $MMT string| c function| __h82AlnkH6D91__ object| adsbygoogle object| lazySizes function| onImageError object| regeneratorRuntime function| OptanonWrapper function| __p4qa8r1lb17__ string| cHViLTcxMDk4NjQyNTkzNDg5Mzg= function| xDomainCookie object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZWIwYzUwOGE2ZGZkNmMyZWxvYWRlcl9qcw== string| ZWIwYzUwOGE2ZGZkNmMyZWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady function| jsonFeed object| otStubData function| google_sa_impl boolean| adsbygoogle_ama_fc_has_run function| confiantWrap object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| apstag object| ifvisible object| googletag object| otIabModule object| Optanon object| OneTrust

4 Cookies

Domain/Path Name / Value
.ngontinh24.com/ Name: _ga
Value: GA1.1.1981676694.1703020190
.ngontinh24.com/ Name: _ga_54725HQVMF
Value: GS1.1.1703020189.1.0.1703020189.0.0.0
ecdyno-pics.ngontinh24.com/ Name: session
Value: a5183aa0-67dd-415c-ad32-684c1f4777a0
ecdyno-pics.ngontinh24.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Dec+19+2023+22%3A09%3A50+GMT%2B0100+(Central+European+Standard+Time)&version=6.13.0&hosts=&landingPath=https%3A%2F%2Fecdyno-pics.ngontinh24.com%2F&groups=STACK1%3A0%2CSTACK42%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
cmp-cdn.cookielaw.org
ecdyno-pics.ngontinh24.com
ecdyno.pics
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geolocation.onetrust.com
googleads.g.doubleclick.net
imps.monu.delivery
monu.delivery
pagead2.googlesyndication.com
region1.google-analytics.com
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700:3030::ac43:d543
2606:4700:3035::6815:5dab
2606:4700:4400::ac40:9b77
2606:4700::6812:82ec
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:831::200a
2a01:7e00:1::b903:5c4c
2a06:98c1:3121::3
35.186.236.140
04ec2ca6ad8c920ea4a50f07f94aebb37e8aa673fcddd048b232a8c0b385e97f
1dd8736e6e8096826b63ee0d4716dbfbc4ded4c79deabe244c453e3925c4d382
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2032446fff4fe4dff9ce77608d976d96d188cf6ba388fe109ea4981dbdb66dd8
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
21c0f5a843ebcefffb0eb2aa290b809e57baebd6e44230eab89157def389bb1f
2598fd0548d38d4414901e577ef33247f82a30acdb68a74236496143f7077192
358a6fb3a6bbdcfd11f73307f4b23453770b4e1a0d49205d240fe4ca4593733f
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
47c0880fc455dd679f16fb0696eed65e3e926bf2978dbd81ff74a5f9b11acbb6
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
526cc893461119c48f345195651b244526521fb18083d45f4a6238b379ef87e8
58895fda7b25eededf23c0d574400cf26ae4506fa9212620499b5bc560f7f3d4
671c5de9a1fdda01fd37094d7de06ae8aa84dc0f0e6fbb9646d95cf4be8a85b1
6b71e10537a1746b13d2395aa5fc2ddbaebb78944424cca34165cdac385a1eb9
7ac1c925f26640ad9227061f173993d7c7253ccc587fe41d8291aa1e7c8b9474
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7daaea0e23f1b46b8cee7ee002e8b5e16dcd602bae7990a073e6f77a40a33984
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
864ff1463453df20d2c3a8228eb1bbcdaa2b8c7c399cf9958c7af64c236dc40b
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
9a10fe1b88e1a761cfaae5b9237736e40d78f69cee7afcb2f0081cd9585614bd
a394d231cf4239d223b519366211f838236e4a3c2b76037e013bf8dabd43a749
af284fa768787fbb6b7efb8b20e162fc80630596797d1f32bc7cdc34bfcc564e
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
c3e760afd8b413ecb7bd30370d4e5e2bfd5a847e8dc2c0f0e39d7621eba92c4b
c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
cfb20be62453027543444e88f46ca1d83269dd8ac57c1c079d6e39af856df88d
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dbafb4fa88edf10e79c8a8361b4eb2f365b5d5af700354e140af131ed2bcd208
dd0de2f0c937d2d84a62d606a4220420e4a0df4f4a6eaffe79c48c9faa09ad05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855