urlscan.io logo urlscan.io
SecurityTrails logo

giaibaitap123.com Open in urlscan Pro
123.31.12.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://giaibaitap123.com/
Effective URL: https://giaibaitap123.com/
Submission: On December 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 10 countries across 29 domains to perform 207 HTTP transactions. The main IP is 123.31.12.182, located in Nha Trang, Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is giaibaitap123.com.
TLS certificate: Issued by R3 on November 19th 2023. Valid for: 3 months.
This is the only time giaibaitap123.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 123.31.12.182 135905 (VNPT-AS-V...)
2 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 21 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
8 142.250.184.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 142.250.184.198 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 22 142.250.186.66 15169 (GOOGLE)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
2 3 185.89.211.116 29990 (ASN-APPNEX)
6 2800:3f0:4005... 15169 (GOOGLE)
1 64.233.167.157 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.190.0.66 15169 (GOOGLE)
4 4 37.157.2.228 198622 (ADFORM)
2 35.244.159.8 396982 (GOOGLE-CL...)
2 23.32.185.35 16625 (AKAMAI-AS)
3 3 52.28.181.94 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 35.156.190.4 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 178.250.1.9 44788 (ASN-CRITE...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 15.197.193.217 16509 (AMAZON-02)
1 1 3.125.137.228 16509 (AMAZON-02)
1 142.250.186.130 15169 (GOOGLE)
1 216.58.206.34 15169 (GOOGLE)
207 36
16    123.31.12.182 (Nha Trang, Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: static.vnpt.vn
giaibaitap123.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
34    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
21    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
42    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
3    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
22    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    2800:3f0:4005:400::2003 (Argentina)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net
bid.g.doubleclick.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
4    37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
3    52.28.181.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-181-94.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    35.156.190.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a05:d018:d29:3602:97f5:4393:5614:bb1a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:400e:16::6 (Ireland)

ASN15169 (GOOGLE, US)
r1---sn-5hneknek.c.2mdn.net
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    3.125.137.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-137-228.eu-central-1.compute.amazonaws.com
d.agkn.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
ade.googlesyndication.com
1    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
77 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
ade.googlesyndication.com — Cisco Umbrella Rank: 293
860 KB
49 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 139
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
306 KB
19 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
176 KB
16 giaibaitap123.com
giaibaitap123.com
218 KB
13 google.com
cse.google.com — Cisco Umbrella Rank: 3119
www.google.com — Cisco Umbrella Rank: 2
clients1.google.com — Cisco Umbrella Rank: 411
176 KB
8 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r1---sn-5hneknek.c.2mdn.net — Cisco Umbrella Rank: 516546
4 MB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
386 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
137 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
3 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
3 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
3 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
291 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
326 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
400 B
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5555
934 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
797 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
869 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
147 KB
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 686
730 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
149 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
363 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
714 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
174 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
587 B
207 29
Domain Requested by
42 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
giaibaitap123.com
tpc.googlesyndication.com
www.gstatic.com
imasdk.googleapis.com
34 pagead2.googlesyndication.com giaibaitap123.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
22 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
21 googleads.g.doubleclick.net 4 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
16 giaibaitap123.com 1 redirects giaibaitap123.com
10 www.google.com 1 redirects cse.google.com
www.google.com
giaibaitap123.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
8 www.googleadservices.com giaibaitap123.com
7 fonts.gstatic.com fonts.googleapis.com
6 csi.gstatic.com imasdk.googleapis.com
6 www.gstatic.com googleads.g.doubleclick.net
giaibaitap123.com
6 www.googletagservices.com googleads.g.doubleclick.net
giaibaitap123.com
4 c1.adform.net 4 redirects
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 ad.doubleclick.net giaibaitap123.com
3 pm.w55c.net 3 redirects
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 s0.2mdn.net googleads.g.doubleclick.net
giaibaitap123.com
tpc.googlesyndication.com
3 fonts.googleapis.com googleads.g.doubleclick.net
2 r1---sn-5hneknek.c.2mdn.net
2 x.bidswitch.net googleads.g.doubleclick.net
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 ads.travelaudience.com 2 redirects
2 um.simpli.fi 2 redirects
2 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com giaibaitap123.com
www.googletagmanager.com
2 cse.google.com giaibaitap123.com
www.google.com
1 googleads4.g.doubleclick.net
1 ade.googlesyndication.com
1 d.agkn.com 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 dsp.adfarm1.adition.com 1 redirects
1 s.tribalfusion.com
1 r.turn.com googleads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 clients1.google.com giaibaitap123.com
1 region1.google-analytics.com www.googletagmanager.com
207 45

This site contains no links.

Subject Issuer Validity Valid
giaibaitap123.com
R3		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-12-05 -
2024-02-13		 2 months crt.sh

This page contains 29 frames:

Primary Page: https://giaibaitap123.com/
Frame ID: C72D4EE48FCFE84497170F94D9CFF0A0
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: A4B69F2860E3314354E20B56C5CD215B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&adk=1812271804&adf=3025194257&lmt=1702870901&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901567&bpp=11&bdt=727&idt=197&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6075575744906&frm=20&pv=2&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=209
Frame ID: FD0331CA1C3F92C5A9DD96FE99EF2C84
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Frame ID: C8DA16F8C2E70C2CA78D357F69A8035A
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 2749C68A5DB6F9865716E46106E11150
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Frame ID: 4180273FB1B10D0E150F86A3CFEAFE8F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Frame ID: F369DF8D40BE4C11B2C3F3BBF39E4544
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Frame ID: 12EC9255DA0467742139D0C3D6DDEB0A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 23E8A0323332E80A0CCF6ECABF324997
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: C0B81DAED75A9522342630D63B17EBB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: F0ED504B9470C2E2E02C8FF5E678F1EB
Requests: 10 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: 9E5D0AA6716D6FAEC1305545AC832334
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 33B149A695A4033E65138EE27ACEC465
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5FDE3E6305188EBCFFF30CA3C884CC72
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EB07C567B595F0BB62A24EA9D6C5AB7D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: A1E9E6004DEDFC7E368339FECBB7BE82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNWoYX4OEWQhgDIs4GxZAp3wxMCAzZK9y4ziTyLyJnrDxIe0eqj_jgG7Vc-NqhZB-Wos4zuhcY_6urdcdjgjz2m3U3y0LcDe7HWKDpDUlUA9F2Mdp3Tq7b_41jBhACqdVefUK1DWZwfVc4qiPFwvGUSgYAESyGLXlZW9woGFTArcR0BTAJA
Frame ID: 6AD907B9F7FC850F7159D74A303078D8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Frame ID: 50615AD48EDF57B032A1D263B6ACD788
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 876D30F8BADF0C3C5494CD69A86F3987
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.html
Frame ID: F6BB157D80AFF22062D575DF222CF4F9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNXab3EZF82QIgBnn9qcI6iWmfiEbK-Vh8HmDUIEA0H1q4WHxCXAqoM23IRbW36ae-6W0285Ves_04Cqi_EsGRdtE55Z4yQKHOUyNfS95nQmI5LqM90vUdf1ANaf_WBWFCtPD8F9cBpdT0fd_nk5_jdsEVOwVNGBmWom5SN2Rc9eUQ9wDl4
Frame ID: 8DD1E31DDAC9D7AFD8A42CC5579F9190
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/5926540398142644464
Frame ID: 98AAFB6BA08204843A8FE696B577FCD1
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 30144282E42B726E79F5C6F6CA4F822C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 7BAF45FA4A1B3B6AB6F1571A1B3BCE24
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5C677C0CC067EB3E8F6BEB6DCDF3A8C3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 33335483D6CF0284AC27FDAD4E2123FF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 05BBE19E571E46C6F168260036285B92
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: AC0048A3DB45860543D4D5F3794675FE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 7257B67E77CCBBF2C3973C5A7CA769C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Giải Bài Tập, Sách Giải, Giải Toán, Vật Lý, Hóa Học, Sinh Học, Ngữ Văn, Tiếng Anh, Lịch Sử, Địa Lý tìm kiếm

Page URL History Show full URLs

  1. http://giaibaitap123.com/ HTTP 301
    https://giaibaitap123.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

207
Requests

88 %
HTTPS

51 %
IPv6

29
Domains

45
Subdomains

36
IPs

10
Countries

6602 kB
Transfer

10817 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://giaibaitap123.com/ HTTP 301
    https://giaibaitap123.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQBWbdb9_ZeKJMaGN1PIPmrWl4AvrhsKAdOGw4q2sEoj_59OZPxABIKHh9xpgleKQgqAHoAGsoPyQAcgBCagDAcgDywSqBM4BT9A3-Ux8mZwKOZedgYfXiq2yHFsAgLlwZU1ftWaO1KHXHZEpmcteq8HNPjP3yB28S-Ikda_iHclqZ-oE6OwjTGy0JeiGCMHfvQG0-71OUj-SF__8pM-UNDR560sM8Ii816BTl76riTe3CLTWMargEHaWhHNEq-cwS2z8LGP6M3_BiZ1iABtVblQ5JAEIrjPJXWyt69NLiaZ9Ql-iHG_rxe-DWK7nkMinrLSCSmb8R76r9iI2OE5q1iE3o3cWPoTZEvj9T_s8bC1S99sNYA_ABN_siuXDBIgFsoz4pE2SBQQIBBgBkgUECAUYBKAGLoAHvN-D7wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCDn0rSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIT-zLmImIMDmgkgaHR0cHM6Ly9yZW1vdGUuY29tL2xwLWNvbnRyYWN0b3KACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxArgT5APYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItODk2ODYzMjE4ODg5NTI0ORgA&sigh=oUko_Y3U9sU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_4enIG9K1zoPxPlN2CwlhHN05sl8NwbMup88ConmugWXOgef0deARFuUxP9V38Q9Hq2b3gQG26f1KyqBQY5DxbefyN9hSyHl5uxgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215158140945253316956%22,%22debug_reporting%22:true,%22destination%22:%22https://remote.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22304025644%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211817631924329100193%22}&andc=true
Request Chain 79
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 83
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CRkw5db9_ZaSWMb3p1PIPwu63gAqNkMCgdISdxbfmEJiS-IezAhABIKHh9xpgleKQgqAHoAGDhaq0KMgBCakCDqjL0mBHsj6oAwHIA0iqBM0BT9ADlbuewjhKTHzA05fk-v08V8SMlRIZsHhS7kg-hW-drB4JwwqZRAC3MuFPZW0gw1sdhpJTTMupqkqgFtIBGTZzAFq6BGGjNvandfK2o_ClqsoFtzOSZnDHL_n8bGR66ewCWxckttP54fjvsEcMvIfRCrPe-nv17CgprJpBMB9mMIsDSAIJGaMiQa-1CdKZyU3GduUs10XOCPX5Vefm0V04Gla4oHzbGWpCUUcMtylFVRNKdunXM2VMRgCtKsxFCUJak0Nkmwupgmkf7MAE353YsJoEiAWxxKGcSZIFBAgEGAGSBQQIBRgEoAYugAeDvfqTA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENSgGNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY8IHNuYiYgwOaCYEBaHR0cHM6Ly93d3cuaW52ZXJ0by5jb20vZW4vY2FyZWVyL2NvbnN1bHRpbmcvP3V0bV9zb3VyY2U9Z29vZ2xlX2NwYyZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPXZvbnFfaW52ZXJ0b190Z2MyM19jb25zdWx0aW5ngAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2BMN0BUBgBcBshccChoIABIUcHViLTg5Njg2MzIxODg4OTUyNDkYAA&sigh=Sj4jjY56vH8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_Rd8U1uVxBO17SBeYeuBQ7uNIWKIspngGNIoveWwcG-mL7YxWeQXlcYyOeyJqREiDVNoMYXbbC_HyCMvkHjcKqz6bRW8_8v6t6xgB&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211312164939157477781%22,%22debug_reporting%22:true,%22destination%22:%22https://inverto.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210847158915%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214785666424595780097%22}&andc=true
Request Chain 111
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDckFANYyQu5vbLdVi1vmVU&google_cver=1
Request Chain 112
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZX.-d4mZ5uyZXnNkgFGR.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDckFANYyQu5vbLdVi1vmVU&google_cver=1&google_hm=2
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPraDE3Fi6IEWydeVS3yk4A&google_cver=1
Request Chain 114
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzOTk1MjYxNDA2NTYyNjM3MQ%3D%3D
Request Chain 124
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CX4Fgdb9_ZaWWMb3p1PIPwu63gAq7w5TQdPer6M7LEdnZHhABIKHh9xpgleKQgqAHoAHI0tXJAsgBAqkCDqjL0mBHsj6oAwHIA8kEqgTNAU_Qt4rssQqkpkIqCOcNSoPQitnxin4elWWP_NwGH42tN3fvWXcUkMcPfy6UBxNdeNo196nbF6Ri4Ryw4oR0zekjf0VB2EqHLrxT2cZm5rYwEMMItpeJvDpfyS8V1Haf1t_5Sp8KICFU3nHCJPFdKxbSbm6yE42OrWnnM_e85H07LKBvycueNNWWODKsAoGUGVVJ6B5vQgPwtDXPAiavb0rIm14pBcPCX-QbEA4NVEvDfe1SzS0wYkpG2ZxYa72TavJMyeilxxbMzuKVWInABMPq_f22BIgF1fvfx0mSBQQIBBgBkgUECAUYBKAGAoAH7pKX1wGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCr6ArSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPCBzbmImIMDmgm1AWh0dHBzOi8vd3d3LnF1aXJpb24uZGUvZ3V0aGFiZW56aW5zZW4_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1nZG5femluc2thbXBhZ25lX2F3YXJlbmVzcyZ1dG1fY29udGVudD1jb21iaW5lZHNlZ21lbnRfemluc2thbXBhZ25lX2lubWFya2V0JnV0bV90ZXJtPWltYWdlYWSACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLYEw3QFQGAFwGyFxwKGggAEhRwdWItODk2ODYzMjE4ODg5NTI0ORgA&sigh=EqLsKZTzr2g&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_Rd8U1uVxBO17SBeYeuBQ7uNIWKIspngGNIoveWwcG-mL7YxWeQXlcYyOeyJqREiDVNoMYXbbC_HyCMvkHjcKqz6bRW8_8v6t6xgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213637228276683144817%22,%22debug_reporting%22:true,%22destination%22:%22https://quirion.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22691366216%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216687409574208261585%22}&andc=true
Request Chain 130
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELwSf266JBg4iKbupZbUlfI&google_cver=1&google_push=AXcoOmTkDG96uvs8B3k0_G5I80G8Q5oZtiMY4iupl-dzfeiieb21Z6vuaZXxouSfY3dWfx6zxhjdWlTcoafEgI-BNBLrNlmZ5X04EXM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzODU1MjQ1MTIxODI4MjY5MA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwSf266JBg4iKbupZbUlfI&google_cver=1
Request Chain 132
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEP3D1YTvte11vlSR7JJwXIM&google_cver=1&google_push=AXcoOmS6xUDXWs-KcOJ5gWPzrTDZ5JRQVmn3wAxMrfNVW05XPKoQC3rNxDj9sYGYeuu_tF0shgJ3qUPvZHMZ1MnRazI5nwVlejcePQc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS6xUDXWs-KcOJ5gWPzrTDZ5JRQVmn3wAxMrfNVW05XPKoQC3rNxDj9sYGYeuu_tF0shgJ3qUPvZHMZ1MnRazI5nwVlejcePQc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP3D1YTvte11vlSR7JJwXIM&google_cver=1&google_push=AXcoOmS6xUDXWs-KcOJ5gWPzrTDZ5JRQVmn3wAxMrfNVW05XPKoQC3rNxDj9sYGYeuu_tF0shgJ3qUPvZHMZ1MnRazI5nwVlejcePQc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS6xUDXWs-KcOJ5gWPzrTDZ5JRQVmn3wAxMrfNVW05XPKoQC3rNxDj9sYGYeuu_tF0shgJ3qUPvZHMZ1MnRazI5nwVlejcePQc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 133
  • https://um.simpli.fi/gp_match?google_gid=CAESEPBRN69fWMa4KBE6miDL5LY&google_cver=1&google_push=AXcoOmQq9BSaER_beaMJm0ipL0xvpsFZYU6cjAGpmZXetmbgsyF6aASFjhuTUDjXX70Kv6bMyNV1F2Glm_UtXRPOTmOJYRSJ9OWmOM4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2BED6B3CBC114743801263538F3F4ED4&google_push=AXcoOmQq9BSaER_beaMJm0ipL0xvpsFZYU6cjAGpmZXetmbgsyF6aASFjhuTUDjXX70Kv6bMyNV1F2Glm_UtXRPOTmOJYRSJ9OWmOM4
Request Chain 134
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEI5vKANi6PWSCgaeFhHBygM&google_cver=1&google_push=AXcoOmRTZ0Tmg0uNYYWo6cdxFStnpukv7EFaskGmdCC1cbr6uzMt1HTZxCGAJ8C4c4qEjA-qGCs7EWM5yIgpPvrM5eZUYDgS2rQqaDw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMzc3NDgzNzY5ODUyNTM0MQ%3D%3D&google_push=AXcoOmRTZ0Tmg0uNYYWo6cdxFStnpukv7EFaskGmdCC1cbr6uzMt1HTZxCGAJ8C4c4qEjA-qGCs7EWM5yIgpPvrM5eZUYDgS2rQqaDw
Request Chain 135
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA9IkKgm2isZUyMwlp6J31k&google_cver=1&google_push=AXcoOmSphVQiwXou1LeZ79dk7pIeSmF_UjEjXXUWyw1-Sgqvv8nG5mEkoO0qjY_7BZXEYYsc8vs05pqWs4A37UOAVsftXszqaQdHeQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pml9ynw8Sr8HvTKuZ3L4KQ&google_push=AXcoOmSphVQiwXou1LeZ79dk7pIeSmF_UjEjXXUWyw1-Sgqvv8nG5mEkoO0qjY_7BZXEYYsc8vs05pqWs4A37UOAVsftXszqaQdHeQ
Request Chain 136
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOcLec882OyW3XiKYkfmiIU&google_cver=1&google_push=AXcoOmSh9uzDM6vyIk699vAgwSIE0neo5PD6t8S9HHYlTc1RQ7NlthJ_0cEcZNSwTn-8gduxIsQSQTZdylaoLq7YpQ76n8n7erZZad8 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOcLec882OyW3XiKYkfmiIU&google_cver=1&google_push=AXcoOmSh9uzDM6vyIk699vAgwSIE0neo5PD6t8S9HHYlTc1RQ7NlthJ_0cEcZNSwTn-8gduxIsQSQTZdylaoLq7YpQ76n8n7erZZad8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0MzA1NDE3NzA1MTYxMzgyMg&google_push=AXcoOmSh9uzDM6vyIk699vAgwSIE0neo5PD6t8S9HHYlTc1RQ7NlthJ_0cEcZNSwTn-8gduxIsQSQTZdylaoLq7YpQ76n8n7erZZad8
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAJA-zO97s14gsVsfCVGpxw&google_cver=1
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECrwtC-UGf4Ad7ER6TkBb_k&google_cver=1
Request Chain 147
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cver=1&google_push=AXcoOmThE_Iq9CNO1k6rJe43UG0M-UPP72WGP56XOmtKpI9NPrwQFheNRhETiZRlKeVvlYy9wsPsDrToQ7JZbdOJVWLfMN4bSb7cWxBv HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cver=1&google_push=AXcoOmThE_Iq9CNO1k6rJe43UG0M-UPP72WGP56XOmtKpI9NPrwQFheNRhETiZRlKeVvlYy9wsPsDrToQ7JZbdOJVWLfMN4bSb7cWxBv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R5NVBZMGcxUmY0dko1&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cver=1&google_push=AXcoOmThE_Iq9CNO1k6rJe43UG0M-UPP72WGP56XOmtKpI9NPrwQFheNRhETiZRlKeVvlYy9wsPsDrToQ7JZbdOJVWLfMN4bSb7cWxBv
Request Chain 149
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA9IkKgm2isZUyMwlp6J31k&google_cver=1&google_push=AXcoOmRhRbKMpGemoG6p15tu9aT4J3AME63hJhU7J-WlsI5oVTvUXxduYDBd0UDUHVEhqHwcJ8JD8GPLyrPF4WYBuf1t_isrWZdeD4i6 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qr2qCgzmQTs1E8jqaLkD-g&google_push=AXcoOmRhRbKMpGemoG6p15tu9aT4J3AME63hJhU7J-WlsI5oVTvUXxduYDBd0UDUHVEhqHwcJ8JD8GPLyrPF4WYBuf1t_isrWZdeD4i6
Request Chain 151
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECPCKbp859XjJzmt73APUok&google_cver=1&google_push=AXcoOmSSBTgBRonFPJ_RGhQaKonJExwZtk2DsvsYQBbsmGBtvKXoBM7kwU1QDJfMDoSlFshQMow05SG3Svq3dVd4o488s_j13yjKjyQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSSBTgBRonFPJ_RGhQaKonJExwZtk2DsvsYQBbsmGBtvKXoBM7kwU1QDJfMDoSlFshQMow05SG3Svq3dVd4o488s_j13yjKjyQ&google_hm=eS1OU29OQ0NwRTJwSHZYdU11MmNicFNuSkVwaGoxaUpYS35B
Request Chain 153
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOcLec882OyW3XiKYkfmiIU&google_cver=1&google_push=AXcoOmQeEHoTcx4pmfRbK7uZChof1WFeQUkTwapDLShfqMoiDq_XGlFBUZ7XaQwIAvOfbyDYgEv0O51iP3F0_I1AR-ewEvqeE00QrEbH HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOcLec882OyW3XiKYkfmiIU&google_cver=1&google_push=AXcoOmQeEHoTcx4pmfRbK7uZChof1WFeQUkTwapDLShfqMoiDq_XGlFBUZ7XaQwIAvOfbyDYgEv0O51iP3F0_I1AR-ewEvqeE00QrEbH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxNDk5ODgzOTgzMzQwNDQ4Nw&google_push=AXcoOmQeEHoTcx4pmfRbK7uZChof1WFeQUkTwapDLShfqMoiDq_XGlFBUZ7XaQwIAvOfbyDYgEv0O51iP3F0_I1AR-ewEvqeE00QrEbH
Request Chain 160
  • https://gcdn.2mdn.net/videoplayback/id/288b353bed5a094d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847095775/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/956B1B71449C4D662D504824A394A50C98B36704.1C246914D3EFB5684D9776500BD62F50D87F0AF/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-5hneknek.c.2mdn.net/videoplayback/id/288b353bed5a094d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847095775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/05B5B069A11296CAA91563E7AC8C02F934FD3E7F.0F4C7F7C979002149F4E70AECB2FB32F7175180B/key/cms1/cms_redirect/yes/mh/8C/mip/2a03:1b20:6:f011::6e/mm/42/mn/sn-5hneknek/ms/onc/mt/1702870008/mv/u/mvi/1/pl/48/file/file.mp4
Request Chain 179
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM2vU3lgElc8iDAOfepihnY&google_cver=1&google_push=AXcoOmSWkr34fcpWjBa46wDP_oBelqTj_O3H1zi6H2wmhWGdedNX5bibvtRgBTzzZYIZ1h3jL3ocjmEcKnKSHelDluwgpAc8e8V3lxkU HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSWkr34fcpWjBa46wDP_oBelqTj_O3H1zi6H2wmhWGdedNX5bibvtRgBTzzZYIZ1h3jL3ocjmEcKnKSHelDluwgpAc8e8V3lxkU&google_hm=lQMt3KGo9pqmUzUTJ6jf7Q
Request Chain 180
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cver=1&google_push=AXcoOmRv8jifpzGNmgudzkUoTkUG-WQMU4NC-5hNIUqLQMEHv2xoIoR8thh977OBpCo4I8TEUgC-HSGAdf0i9p42m_qzjeb3n8SI9ruU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R5NVBZMGcxUmY0dko1&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cver=1&google_push=AXcoOmRv8jifpzGNmgudzkUoTkUG-WQMU4NC-5hNIUqLQMEHv2xoIoR8thh977OBpCo4I8TEUgC-HSGAdf0i9p42m_qzjeb3n8SI9ruU
Request Chain 182
  • https://um.simpli.fi/gp_match?google_gid=CAESEPBRN69fWMa4KBE6miDL5LY&google_cver=1&google_push=AXcoOmQRw-NbY2_pnmm77XvYD8L4pv8TLm-qw8dmgVbSC1xjaWcb0WwoAWe6VKxxkDBCCl-gnzS5IsC5vMZCcdYwxDHip4M7zXbn1u4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2BED6B3CBC114743801263538F3F4ED4&google_push=AXcoOmQRw-NbY2_pnmm77XvYD8L4pv8TLm-qw8dmgVbSC1xjaWcb0WwoAWe6VKxxkDBCCl-gnzS5IsC5vMZCcdYwxDHip4M7zXbn1u4w
Request Chain 184
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEK_RQfB6kkV8VZ8ATX49og4&google_cver=1&google_push=AXcoOmTt1JJH3LFYU0Wp7a7zuL8xo0vcdGC7wAmsoPM7gNrgANVFgINIZYJMchpfOlGtxraC1DdQXepuqn-5F5J4IkLenaeeSojNWlY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTt1JJH3LFYU0Wp7a7zuL8xo0vcdGC7wAmsoPM7gNrgANVFgINIZYJMchpfOlGtxraC1DdQXepuqn-5F5J4IkLenaeeSojNWlY&google_hm=Q0FFU0VLX1JRZkI2a2tWOFZaOEFUWDQ5b2c0
Request Chain 192
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CIO54dr9_ZcCwK-Tyx_APxOSvmASftI7ldL-QxIXMEY3m2r_NARABIKHh9xpgleKQgqAHoAGszrDRAsgBCakCDqjL0mBHsj6oAwHIA8sEqgThAU_QutTVJEJuy33JyufdcjPbPaFgnnxUGO5tMX_YoIHoK1jYQjwI0bsD2g8C8QHAGxWOjArTAj9lJQH7eCQpYBvewgEoV5V4wml0wxPBF3OfIaP5wgGGCtnUVS8ahFG90qusaem-AjNXwj163wMUmH7cRqZtNK22BGx_IPsroIhkqRvuvKxnnnPiZ6kOKsgmSBpOz10uwgMOVcAbmrRAgHxmrQ06FFogYE2bbUiT-nC-7DkIBdBCpJFNSA7JSKSNvOZUlGbBMlI8Oxshb6_0zPlPZv3WPdyIbIyWH3mJ8MRCyMAEttDJ16gEiAXG5KjVO5IFBAgEGAGSBQQIBRgEoAYugAe8sc-uAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJT6CNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY8qaEuoiYgwOaCRVodHRwczovL2ltbXVjdXJhLmNvbS-ACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECuBPkA9gTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi04OTY4NjMyMTg4ODk1MjQ5GAA&sigh=awawxvrrDDM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_6kUKDZFfCrGOoqFmlZLmfs59Md5ghFnquF2Qicl7YckgZoHdxRxYM0OQCnpG-2Ray3t-uVt0GAE&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2267782795486458658%22,%22debug_reporting%22:true,%22destination%22:%22https://immucura.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22707536684%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214433656439089734753%22}&andc=true

207 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
giaibaitap123.com/
Redirect Chain
  • http://giaibaitap123.com/
  • https://giaibaitap123.com/
46 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
823261d90759c7c372198077af4ef0bfef463ce66473614982a2a8a069c7faa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-length
47085
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 03:41:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET

Redirect headers

Content-Length
149
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 03:41:39 GMT
Location
https://giaibaitap123.com/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
bootstrap.min.css
giaibaitap123.com/bootstrap/css/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/bootstrap/css/bootstrap.min.css
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:40 GMT
content-encoding
gzip
last-modified
Mon, 30 Apr 2018 05:22:49 GMT
server
Microsoft-IIS/10.0
etag
"809a724743e0d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
21061
fontawesome-all.min.css
giaibaitap123.com/font-awesome/css/ 		40 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/font-awesome/css/fontawesome-all.min.css
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:40 GMT
content-encoding
gzip
last-modified
Thu, 10 May 2018 08:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0e42c6f35e8d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8970
jquery-3.3.1.min.js
giaibaitap123.com/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/js/jquery-3.3.1.min.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:40 GMT
content-encoding
gzip
last-modified
Sat, 26 May 2018 03:44:04 GMT
server
Microsoft-IIS/10.0
etag
"0da9ccaa3f4d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30394
popper-1.14.3.min.js
giaibaitap123.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/js/popper-1.14.3.min.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:40 GMT
content-encoding
gzip
last-modified
Fri, 25 May 2018 16:44:12 GMT
server
Microsoft-IIS/10.0
etag
"016f19b47f4d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7253
bootstrap.min.js
giaibaitap123.com/bootstrap/js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/bootstrap/js/bootstrap.min.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:40 GMT
content-encoding
gzip
last-modified
Mon, 30 Apr 2018 05:22:56 GMT
server
Microsoft-IIS/10.0
etag
"0b89e4b43e0d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
14073
webslidemenu.css
giaibaitap123.com/menu/css/ 		60 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/menu/css/webslidemenu.css
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
81681dcf0703b946feff80d753c359af4f4d31a0991962ddbc534af446fb7a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:40 GMT
content-encoding
gzip
last-modified
Wed, 30 May 2018 16:07:46 GMT
server
Microsoft-IIS/10.0
etag
"0b5c5930f8d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
7010
custom-menu.css
giaibaitap123.com/menu/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/menu/css/custom-menu.css
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40d2e679ba37486762bd9c374bb6578e4ec5c3e5429c5bf5b7c630c326a1cfc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:40 GMT
last-modified
Thu, 31 May 2018 04:07:35 GMT
server
Microsoft-IIS/10.0
etag
"801db3e794f8d31:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
1175
webslidemenu.js
giaibaitap123.com/menu/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/menu/js/webslidemenu.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2aa140fcf3c6e9909bbc07a828afba05b0566d583d3bae2653183593b560b10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:40 GMT
last-modified
Sat, 03 Feb 2018 14:47:42 GMT
server
Microsoft-IIS/10.0
etag
"07bb9f1fd9cd31:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
1777
style.min.css
giaibaitap123.com/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/style.min.css
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5ed720dcd693aa9e9324e8e0ab23b7223064871db4db3ee89ddacd8df78fbe9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:40 GMT
content-encoding
gzip
last-modified
Thu, 26 Nov 2020 15:58:18 GMT
server
Microsoft-IIS/10.0
etag
"09d1f4cc4d61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3544
logo.png
giaibaitap123.com/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giaibaitap123.com/images/logo.png
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1fd5a07eb23bcbedc8757a93e398129621aa5dc26b464d6c7e3716429d822f61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:40 GMT
last-modified
Thu, 31 May 2018 03:54:36 GMT
server
Microsoft-IIS/10.0
etag
"026611793f8d31:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
23827
cse.js
cse.google.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=004913025683177536761:1yhw8gp_nd4
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
d12b18718a75e2bd7790b49b0da5467da209942f1c51ded9e680cd6f21700f51
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-ZLR8lLSNRWzwlRJr_Bj5Zw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-ZLR8lLSNRWzwlRJr_Bj5Zw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Mon, 18 Dec 2023 03:41:41 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3075
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires
Mon, 18 Dec 2023 03:41:41 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32450eca6bbb7f16ab5b4c97c27e7c9678eee992aaae57178f8758e066f2d656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51615
x-xss-protection
0
server
cafe
etag
3396067842637563225
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 03:41:41 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-82393458-3
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c194d7dd2699dac26d13747262ac7fded4da853ee5047a97c78c637c5bf86e80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68935
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Dec 2023 03:41:41 GMT
custom.js
giaibaitap123.com/js/ 		762 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/js/custom.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9f9db9ac45f57d6bc72039aae2cd3ab0e4c951327f339c41baded58c2091ff32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:40 GMT
last-modified
Thu, 11 Jul 2019 04:25:55 GMT
server
Microsoft-IIS/10.0
etag
"804b10bba037d51:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
762
right-arrow.png
giaibaitap123.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giaibaitap123.com/images/right-arrow.png
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26cc3c39704437f4d34cc01644fcfb2e9a18b6e4b90304163a36b26f3abeff2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:41 GMT
last-modified
Thu, 31 May 2018 09:10:29 GMT
server
Microsoft-IIS/10.0
etag
"80703f38bff8d31:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
1691
book-icon.png
giaibaitap123.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giaibaitap123.com/images/book-icon.png
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a713dd456f10b1ff2c3a445d44c70f95723e94a7d3fec131a9ef1201d8f76c38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:41 GMT
last-modified
Fri, 01 Jun 2018 04:34:34 GMT
server
Microsoft-IIS/10.0
etag
"0a91cd761f9d31:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2786
fa-solid-900.woff2
giaibaitap123.com/font-awesome/webfonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://giaibaitap123.com/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/font-awesome/css/fontawesome-all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
123.31.12.182 Nha Trang, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

Referer
https://giaibaitap123.com/font-awesome/css/fontawesome-all.min.css
Origin
https://giaibaitap123.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:41 GMT
last-modified
Thu, 10 May 2018 08:03:52 GMT
server
Microsoft-IIS/10.0
etag
"0e42c6f35e8d31:0"
x-powered-by
ASP.NET
content-type
application/font-woff2
accept-ranges
bytes
content-length
50372
cse_element__vi.js
www.google.com/cse/static/element/3bd4ac03c21554b3/ 		316 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/3bd4ac03c21554b3/cse_element__vi.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=004913025683177536761:1yhw8gp_nd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6079e31ddac806e4a6501374c3f38344efe7ed43b058e79379a12032ed3d549c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107577
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 16:53:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 18 Dec 2023 03:41:41 GMT
default+vi.css
www.google.com/cse/static/element/3bd4ac03c21554b3/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+vi.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=004913025683177536761:1yhw8gp_nd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9068
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 16:53:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 18 Dec 2023 03:41:41 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=004913025683177536761:1yhw8gp_nd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 18 Dec 2023 03:50:04 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-95WRFTKV2G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-82393458-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7be248502944ce70993e448a8875691ca03ce2a36945b7a32339ebbc2b7e85de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81224
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Dec 2023 03:41:41 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-82393458-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Dec 2023 01:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6807
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 18 Dec 2023 03:48:14 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7926743226557b29e8ea9808bee35d4d8f58a679058d8717232b12e21eca278f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137957
x-xss-protection
0
server
cafe
etag
4383106467132865087
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 03:41:41 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame A4B6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giaibaitap123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84498
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4114
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 04:13:23 GMT
etag
12700215250743596434
expires
Sun, 31 Dec 2023 04:13:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-95WRFTKV2G&gtm=45je3bt0v9119032705&_p=1702870901303&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=311068260.1702870902&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1702870901&sct=1&seg=0&dl=https%3A%2F%2Fgiaibaitap123.com%2F&dt=Gi%E1%BA%A3i%20B%C3%A0i%20T%E1%BA%ADp%2C%20S%C3%A1ch%20Gi%E1%BA%A3i%2C%20Gi%E1%BA%A3i%20To%C3%A1n%2C%20V%E1%BA%ADt%20L%C3%BD%2C%20H%C3%B3a%20H%E1%BB%8Dc%2C%20Sinh%20H%E1%BB%8Dc%2C%20Ng%E1%BB%AF%20V%C4%83n%2C%20Ti%E1%BA%BFng%20Anh%2C%20L%E1%BB%8Bch%20S%E1%BB%AD%2C%20%C4%90%E1%BB%8Ba%20L%C3%BD&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2225
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-95WRFTKV2G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://giaibaitap123.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=851941259&t=pageview&_s=1&dl=https%3A%2F%2Fgiaibaitap123.com%2F&ul=en-us&de=UTF-8&dt=Gi%E1%BA%A3i%20B%C3%A0i%20T%E1%BA%ADp%2C%20S%C3%A1ch%20Gi%E1%BA%A3i%2C%20Gi%E1%BA%A3i%20To%C3%A1n%2C%20V%E1%BA%ADt%20L%C3%BD%2C%20H%C3%B3a%20H%E1%BB%8Dc%2C%20Sinh%20H%E1%BB%8Dc%2C%20Ng%E1%BB%AF%20V%C4%83n%2C%20Ti%E1%BA%BFng%20Anh%2C%20L%E1%BB%8Bch%20S%E1%BB%AD%2C%20%C4%90%E1%BB%8Ba%20L%C3%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2138374224&gjid=1790894157&cid=311068260.1702870902&tid=UA-82393458-3&_gid=1844368015.1702870902&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=465178533
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://giaibaitap123.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://giaibaitap123.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
async-ads.js
cse.google.com/adsense/search/ 		142 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/3bd4ac03c21554b3/cse_element__vi.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7df0df8b3df8c42634ecc71d7ab35e197c61777eb5b41a3e14239322b5804f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"13376431191049311150"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Mon, 18 Dec 2023 03:41:41 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+vi.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+vi.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 18:26:14 GMT
x-content-type-options
nosniff
age
551727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 10 Dec 2024 18:26:14 GMT
branding.png
www.google.com/cse/static/images/1x/vi/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/vi/branding.png
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b514af54d6e542fa59a2315392ba85ec1959e5d3813b27eb50c8b2e196782e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:27:30 GMT
x-content-type-options
nosniff
age
519251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1495
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 21:00:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 11 Dec 2024 03:27:30 GMT
generate_204
clients1.google.com/ 		0
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
googleads.g.doubleclick.net/pagead/ Frame FD03 		444 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&adk=1812271804&adf=3025194257&lmt=1702870901&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901567&bpp=11&bdt=727&idt=197&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6075575744906&frm=20&pv=2&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=209
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5fe2fe410b47001315fd3172919f4db7d7e191bea0432fac15a86fc27c0ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giaibaitap123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
93554
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 03:41:42 GMT
expires
Mon, 18 Dec 2023 03:41:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C8DA 		131 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e978c44f2966cff2844d74630a17a05947c1e91e054df49bba9938c91e0519a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giaibaitap123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43387
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 03:41:42 GMT
expires
Mon, 18 Dec 2023 03:41:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame C8DA 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Dec 2023 03:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 01:48:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Dec 2023 03:41:42 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C8DA 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame C8DA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
16885
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C8DA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
29042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 19:37:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C8DA 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C8DA 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 03:41:42 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame C8DA 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
567899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/14713006145535139160/ Frame C8DA 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14713006145535139160/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8f992173f5da429e5285538eff91fce7e1b2eef3ee2d53e88a03b85565f172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 16 Dec 2024 21:15:11 GMT
date
Sun, 17 Dec 2023 21:15:11 GMT
x-content-type-options
nosniff
age
23191
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35193
x-xss-protection
0
last-modified
Tue, 21 Nov 2023 15:58:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/15216919355959508947/ Frame C8DA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15216919355959508947/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07f96cfa5250260a2bac918ae9d7834b73c50f6134d21997c3d9c49eaf395afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 16 Dec 2024 20:12:44 GMT
date
Sun, 17 Dec 2023 20:12:44 GMT
x-content-type-options
nosniff
age
26938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1653
x-xss-protection
0
last-modified
Fri, 05 May 2023 14:31:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame C8DA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf42e355d9d64c6f26a3171248abbf3d1bae18f071fab55a98189ee705c9d8e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C8DA 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:10:14 GMT
x-content-type-options
nosniff
age
498688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C8DA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:28:03 GMT
x-content-type-options
nosniff
age
555219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 17:28:03 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame C8DA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQBWbdb9_ZeKJMaGN1PIPmrWl4AvrhsKAdOGw4q2sEoj_59OZPxABIKHh9xpgleKQgqAHoAGsoPyQAcgBCagDAcgDywSqBM4BT9A3-Ux8mZwKOZedgYfXiq2yHFsAgLlwZU1ftWaO1KHXHZE...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215158140945253316956%22,%22debug_reporting%22:true,%22destination%22:%22https://remote.com%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215158140945253316956%22,%22debug_reporting%22:true,%22destination%22:%22https://remote.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22304025644%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211817631924329100193%22}&andc=true
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:42 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"15158140945253316956","debug_reporting":true,"destination":"https://remote.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["304025644"],"22":["true"],"4":["12-18"],"6":["true"]},"priority":"500","source_event_id":"11817631924329100193"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Dec 2023 03:41:42 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 03:41:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15158140945253316956","debug_reporting":true,"destination":"https://remote.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["304025644"],"22":["true"],"4":["12-18"],"6":["true"]},"priority":"500","source_event_id":"11817631924329100193"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame 2749 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=3290022505&adf=9850251&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702870901&rafmt=1&to=qs&pwprc=3016507311&format=1200x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870901578&bpp=2&bdt=737&idt=200&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
512972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 05:12:10 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215158140945253316956%22,%22debug_reporting%22:true,%22destination%22:%22https://remote.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22304025644%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211817631924329100193%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 03:41:42 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d50e47b16cf1ca158bdf205cbdf607862902f2d7f797b6fe5fd0b85f9d60dad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12073
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a02263cf75c29f80fdb1b381769cd5ba8d13287b4c370eacb3bbd6df56a92912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56007
x-xss-protection
0
server
cafe
etag
5399100907576838485
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 03:41:42 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4180 		129 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bce4a51c6d471f58c43ef7efb862df20ff81ce2cd3e9de1df072403bc61a1b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giaibaitap123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
44469
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 03:41:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F369 		105 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99e457908e27e22a07821877621ce2538b6ba643dd7cb8295afe33e385a6e8b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giaibaitap123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
45139
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 03:41:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 12EC 		105 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
378ce306447fd7d71cc3bc82c83afefb63efbbb8611650c632aa46a5b7f63c34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giaibaitap123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
45230
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 03:41:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 23E8 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giaibaitap123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4114
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 21:17:14 GMT
etag
12700215250743596434
expires
Sun, 31 Dec 2023 21:17:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame C0B8 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giaibaitap123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4114
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 21:17:14 GMT
etag
12700215250743596434
expires
Sun, 31 Dec 2023 21:17:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame F0ED 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giaibaitap123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4114
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 21:17:14 GMT
etag
12700215250743596434
expires
Sun, 31 Dec 2023 21:17:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8968632188895249&plah=giaibaitap123.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 03:41:42 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 23E8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
16885
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 23:00:17 GMT
css
fonts.googleapis.com/ Frame 23E8 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Dec 2023 03:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 01:51:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Dec 2023 03:41:42 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 23E8 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 03:37:52 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 23E8 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
501634
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:21:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 23E8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:54:19 GMT
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame 9E5D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 01:04:19 GMT
f3d12415f986ed3504122551351bc1d0.js
www.gstatic.com/mysidia/ Frame 9E5D 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16637
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 07:10:35 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9E5D 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:54:19 GMT
50459845d1cbd526a76ea757de42d266.js
www.gstatic.com/mysidia/ Frame 9E5D 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
432388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9842
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Mar 2024 03:35:14 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 9E5D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
16885
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9E5D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
29042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 19:37:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9E5D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9E5D 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 03:41:42 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 9E5D 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
567899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame F0ED 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
16885
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 23:00:17 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 33B1 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
198
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 03:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F0ED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
29042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 19:37:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F0ED 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:54:19 GMT
6589219018815132188
tpc.googlesyndication.com/simgad/ Frame F0ED 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6589219018815132188?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkD6miacQmXyzmtT8dHMxQ0t07uMQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1efd07c26304aaad1a9692160072d9626f77835a28e1f795e0419845c326f89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:08:56 GMT
x-content-type-options
nosniff
age
181966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53739
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 15:10:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Dec 2024 01:08:56 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F0ED 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 03:41:42 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F0ED 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 02:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 02:51:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5FDE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giaibaitap123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
29041
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 19:37:41 GMT
expires
Mon, 16 Dec 2024 19:37:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EB07 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0940ae89a72520f3447d02ed54337a03c0f5918bba7000bd0a26429962146bd0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OpqlMXN9qwRT-hZVCN3Nqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://giaibaitap123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-OpqlMXN9qwRT-hZVCN3Nqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 03:41:42 GMT
expires
Mon, 18 Dec 2023 03:41:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame 33B1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 03:41:42 GMT
expires
Mon, 18 Dec 2023 03:41:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 03:41:42 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9E5D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c538620915fd2a1dc01a63706bc54653ec19f4caee9f08cb983bc66b65b290aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame A1E9 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
512972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 05:12:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EB07 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=490238894684156&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
/
www.googleadservices.com/pagead/ar-adview/ Frame 9E5D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CRkw5db9_ZaSWMb3p1PIPwu63gAqNkMCgdISdxbfmEJiS-IezAhABIKHh9xpgleKQgqAHoAGDhaq0KMgBCakCDqjL0mBHsj6oAwHIA0iqBM0BT9ADlbuewjhKTHzA05fk-v08V8SMlRIZsHh...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211312164939157477781%22,%22debug_reporting%22:true,%22destination%22:%22https://inverto.com%22,%22event_report_window%22:%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211312164939157477781%22,%22debug_reporting%22:true,%22destination%22:%22https://inverto.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210847158915%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214785666424595780097%22}&andc=true
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"11312164939157477781","debug_reporting":true,"destination":"https://inverto.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10847158915"],"22":["true"],"4":["12-18"],"6":["true"]},"priority":"500","source_event_id":"14785666424595780097"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Dec 2023 03:41:43 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11312164939157477781","debug_reporting":true,"destination":"https://inverto.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10847158915"],"22":["true"],"4":["12-18"],"6":["true"]},"priority":"500","source_event_id":"14785666424595780097"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 5FDE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 08:14:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Dec 2024 08:14:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6AD9 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNWoYX4OEWQhgDIs4GxZAp3wxMCAzZK9y4ziTyLyJnrDxIe0eqj_jgG7Vc-NqhZB-Wos4zuhcY_6urdcdjgjz2m3U3y0LcDe7HWKDpDUlUA9F2Mdp3Tq7b_41jBhACqdVefUK1DWZwfVc4qiPFwvGUSgYAESyGLXlZW9woGFTArcR0BTAJA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 03:41:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 5061 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 00:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
10691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 00:43:32 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 5061 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 08:59:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
67312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 08:59:51 GMT
view
ad.doubleclick.net/pcs/ Frame 5061 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuqL8MUk3C20-wQ0i6aZ6CBH_0zAOm0bH-ds_qlZwm7ks5Znn48cfSf_zYHDF9bg4cBw2mt0ZJhXlg8LO66Ckrr8Siuv7hF9Ynq7tw6hxg51W_qpiKTb_-Z98bKGKRCv6ALurtAFIwpOhkBpnm21MxeF6UwOEG8uU3OrISHHKzihIJTAmjeIDrmOyXfecLfzNS8WY2jKPSHgfFoaPp80qfULkA7L9Lknzgu4iBx0CsxCPZn_odf87xtqPq21NcS7TOlGFz-YBydkfqMP6CLECFLkGkN-bXIwOg6WFsKZtxAsfCrVZQOXI6t_pDMBAMj5vRaBWE9-h6CcgzgHviDtRLUKtZLt4Fq3zi_BMDrMCXJY4NxkI84lwBeBKbWDd2JnH2uxZQelKB3F9YoKvSqrCmiEWoomnHtmNfYcbO8-UA39livpka5JzW3-YxaQRVoOsey3R_Cg4bRKVF6eYCnVUgxVcVp1C2EIZ0m3uDuq9JkUGH23rHgOt8776QM0hn6sLddEnWLkBbPhjW2As32E4KP5CpR4YIx8aFnzJZneADh0Czh9-e5MKB_gpKubjR93i-hlALAxhTz-ooJmrWnKtKC0uzO1vzqBavGHdUv43Iy2S2CLGsm2_OgJKz1e17f-DKV1N7diRYQaX8umvyI9yJjq08mkhz-d3WG2SGTTWGweJ_l7aN17Qvp-qcba_wWb_tKeFv96jMib18zEbcC-OqxcQSPoTcft8yd4d_RDPPeaezcY3poU2ckxD9cTQ-m6YdDYOPiwSabWVpwzbfUanFyPcPGCCi1lvJ0cruDU3SjLu5XNPLRArvlVEWcT-hJoNI6v_XEDuyse_2NtAISGz2hYNkyF88NaOvPFi_8xzdYzdSYOiSeyR1tMwVnF8J66RkuyxxjxfjjmiLK8ZJ-tykQAHI5YaOVvXYDtoF_nr-JWe6NlOq7rNnyI9vARjkzq9uux_F1CJohNlEcM4kwmazhn8m8bAKpUDj9Uknjl8PAS6CHFh2DG_bjy32fRVrCANvulkprYKtWI1P-KNKTW8XaunZ2e0jWA55nJg7rRcDtrhOA9iDb9X5yBHEuuHMF_zi0Nziwo7EF7j2bN7g4hsKMmoTH55blzYCzI3TYOs8ipNLZTx9AwgFxdJUvi_65J9V5pFE1y2Z3ueKHxu_YjZ8HicwWuVDMW4gJ5x8EK4Ze2N4YoflQPEVZzdcZ7m6L44csVXD_qAP0IUndGMdyDq7G3Cf_Uawg2-wWZAFISWa8hMFPQvDPf4j5BtG_XkF2du0rcdOSWTi_dUyV6WI66m7Eaw-cGsjz2yPphvn03aF-2EXMmUOWPlfG6fnJS5XAkv34bC9q35YlpgWUs2WOD73sL8qHmIoVBNGc-ezgsWgkLJoFr3oORUg&sai=AMfl-YSoTIQ6vUQNkABIRyydJH0wEK4z_oXXAC7mHPEzS2j0KgJi9a0scNHY8Rlyg47WtUqlmK4ZMzrijMtWqeUAKeerX0k5e6vZBFU0ZfGF-Dw_kXgT4DjS53E7xFYawFFeJme4AahZEQ7H3YwfNAOtyrC86z-fUcl6eCurayiQ8Tcnkc0NARqohRAOaW0o6TAdWKgkaF7i76NskqdrfzbIEJ6IAE_dDyFccGANFGqGqIh15FcHlVig_X1nOCrOExNKyPiMeI9fUi2KW9fpZpoJnIsinhn6J7tI6wRehWCAJz_QcfYO-h6uwmJSEXD2-tVS61owcSTdKJULGMBBAGaW08C3UbG_LaqvfJAjj8KndvAwg1WEDFRDc3nj_k95tBQQLoGF80mNQNbH3YWAW5vQN1icDonhQUrpugbCS48uk2iFWKmhDg&sig=Cg0ArKJSzLY0J47uR0ldEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.66187&arae=0&ftch=1&adurl=
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5061 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
207395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5061 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
29043
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 19:37:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 876D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Mon, 18 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5061 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 5061 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVUpx413Tub3k7uMBxZx75ZAHDo9SZTtI8YoNqcnRtk04AplzQmW9XGr1Br4_ACY6LtQupK6APMzxi5B0bKksI6cR11A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5061 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 03:41:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5061 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bb9tm-tc6xTmJvLrpKBbWlNf25Qm7rNoS-RrnWEviXrLKxdqslZlz08t3FuN-YeIntlUbsflMEbat0VFMHJfo59EUt0JCUfD6jOya6YsQQgk4bzow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5926540398142644464
s0.2mdn.net/simgad/ Frame 5061 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5926540398142644464
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bd902a66a2e9f74ab0b0f8d3901ca599781a222bfe0651f9d19db2463befa6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 14 Dec 2024 20:56:48 GMT
date
Fri, 15 Dec 2023 20:56:48 GMT
x-content-type-options
nosniff
age
197095
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42589
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 19:05:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
160x600.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/ Frame F6BB 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8578e513243a34f4b4cb68eca3fead974bf7255b738a68bcbc88485924ffeb3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
120934
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1328
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 18:06:09 GMT
expires
Sun, 15 Dec 2024 18:06:09 GMT
last-modified
Wed, 16 Mar 2022 11:35:35 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8DD1 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNXab3EZF82QIgBnn9qcI6iWmfiEbK-Vh8HmDUIEA0H1q4WHxCXAqoM23IRbW36ae-6W0285Ves_04Cqi_EsGRdtE55Z4yQKHOUyNfS95nQmI5LqM90vUdf1ANaf_WBWFCtPD8F9cBpdT0fd_nk5_jdsEVOwVNGBmWom5SN2Rc9eUQ9wDl4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 03:41:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
5926540398142644464
s0.2mdn.net/simgad/ Frame 98AA 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5926540398142644464
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bd902a66a2e9f74ab0b0f8d3901ca599781a222bfe0651f9d19db2463befa6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 14 Dec 2024 20:56:48 GMT
date
Fri, 15 Dec 2023 20:56:48 GMT
x-content-type-options
nosniff
age
197095
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42589
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 19:05:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 98AA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 00:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
10691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 00:43:32 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 98AA 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 08:59:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
67312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 08:59:51 GMT
view
ad.doubleclick.net/pcs/ Frame 98AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstw-2A2jTYstANAJnBKOSgWz_QehOYlRffVGCDU5jpZokx3zvFIC0Au8AOVlNtojgixU7Fj0a3ME3cwkQ8w-f5wKiu8IlfrhRni7pSax8zbbCb7sTCCer1EBrtlrJ8ik2X2uCxJ2Us9s9INI4wMaq76nMwAm8vbpqr0LrwLk7lDGYfjvmnKQaJJNw-hgTq2bERUtpWZGtkCcxTiqaVLyT6Jxe-vLBT3_Hg5b62U1TL9pyiKWUH8617UKh51VYpBDy2uBbEuVl-6wplW_YwmfinPW8mghcsqWT0VnvtwaGUh_CcBVl7QJzxI6F88sMhEvNfmGE5nfChgVnWqRhJOZUzTXpi9cLW7uyQB7SYgIU4c2crvIAKizfm8tj0u4CKl6_E2ZsPvo4WVtUeBHP4Eu7fPEhmrpGPAxq0Qkc_hzf4y_-Kfs_dIIWFC9e3CJeNiMsoejEiq-EbFiMMEvPkhbyyKUQZS-2QJNmXr39yETy607bqWFgL1vAd9LXDDOV_z6XWIaQbgESG5K6l4L6g3fzpeFey-EZqOkZsQFck-tEw951QMvN_JlA2OOOADot1So3SMl1HxmwtPLtT4b8PRvzhI_AK3Az0DkpFK0pT66a1FUkNiwfBePVSv4-QTxLaHCavX-8Yo-pu6wyWU3tHGxtmf6lR7V-G4OjtdXnML0rnId32n_7KEiUOsIE7xytNWJ4jA3OmPH2kddqCvKF-8jv2fIZTHKfu7hHrPpCmC68x8OdejQN2g28ciGuY6YuyuUVeqq7r9Ti4trpjkpU7vrI-Pw_7JSR-5-X0M3nH-Vcnuf0VGUl8Ug51tUdxNF-jKkGoPm9l5mZ-Xip9JRHKtfq_osw2R6B3HMYl9cakZogOi8WMakyEunUpnK8UEExmlsMy34QrVlmcFk703MNHIm-HrIm47d5lk_cUUKLZPHkvkLZgNAqIMwCdmqYyDgLh_QtKKdGJ_4fq786Y2vMjoh7U_4VlBNSwWqJ8J8WyhN8xrPKvd8bVxVZAhrRxFYoJ0b5lU3-HWTCjnslYgitRITpjeDPQ1YbL3_kFTIF4F1e8LJ_tq3IQBiT35p28tV9l1tXHceWVZrl6EqhgDvaNbsNWwqRPVQ6s3U7qBv4_DyrpBH4uohdskjd2COoGqy06WLTAoz6hbsZlFOiOLXJH1GHVNdfNak8zQqLd8zh6DHdbYv0Vx95ix8MWrL7uqd8NwAZ0QGYmMRrtCIfX8NG69bpnMDhkzD_pTNIBnUZMkN3OpGo4DPQR5Y64pkpZ0klF5RjcImetBU6ElVtG550_hradhvanpYos2G-MPLWxEEfTscPv0EfNDMz1JJJP-uak3JuFMeP2o-Htv2wrEmvwiMIUX6JLmySuohsL67DDIFheAoQj_s949jnEX4COrVYWbb58&sai=AMfl-YTQM7TKAvMzik7N-HUOgFoGncD_yukJFk5-2cciMDm0-oZxv1YMOXmPY3_8bEZTlvxXkzOMmz_by6i44wbtZQmDsxMnwTWk7al3KO9K_gfyvXpOtqVcKgKTc4BdHQ3J2CDorXIDzxqMPYN0r0ndBGWWYIIrgjdUWCX5zpNuh2JefqlaXzc8uaOnFx8ox-93rnZQhg401pGatyPcldkbX7cTmNjzSbkVd3RMRc-Q2ZRfW81boGBvLr17dfqN-euJOBXTHMxoF-02JaHwb6d4AtfV1bLQAAgBDt5f2VLbVgdnoA3WvKwUaD1cmrpxZJadx5CUOTMidjiOc6hZaoUH6UlqHRfO64ZCbvpOSBHDgBIB93TbHDniOtEHRxKwgVS2WCalyKT9Dioke-9uVd2XiEmfBx61PqC0e1TtEfBGjj1ub5pw8g&sig=Cg0ArKJSzOQGn4iQEoKmEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.85938&arae=0&ftch=1&adurl=
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 98AA 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
207395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 98AA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
29043
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 19:37:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3014 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Mon, 18 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 98AA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 98AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZ_o14eMtmRUQRfhWdvq6LnIh_ZGNxrhDf0AXasvHRfyLJagt2JK3JOf4tmSl3qNHu4S4PsHAom7R7bKL5IEMeS-utKA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 98AA 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 03:41:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98AA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFEG2-AiJW4VKanezAGm1XdAN4MPTBz-puJVfz6azxHwakH_YSFFK6f4mkLfM4pgP4GBXwcQ4kHB3nGiPE3xkezYHvkhMyllma_ONmo_X7EaG1dN8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F0ED 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
518930c34ec93c58c4da1a0bb12542d4a03026f12ec46663570a85999ac5ac25

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 6AD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDckFANYyQu5vbLdVi1vmVU&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDckFANYyQu5vbLdVi1vmVU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNWoYX4OEWQhgDIs4GxZAp3wxMCAzZK9y4ziTyLyJnrDxIe0eqj_jgG7Vc-NqhZB-Wos4zuhcY_6urdcdjgjz2m3U3y0LcDe7HWKDpDUlUA9F2Mdp3Tq7b_41jBhACqdVefUK1DWZwfVc4qiPFwvGUSgYAESyGLXlZW9woGFTArcR0BTAJA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3acQKBYn9nJnMz87npVwObLPBax1uPA0ibOq5bcTvxkIZQL6%2FYXQeGhGLrG7tJgdzFQaPqMXnstveg%2FaQI33484LcJ4hsJRzkF6au6Ycm64DoHFUUJO0ejIty6ELpiK3Np%2FU3NNYk9Pdrw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
837464496c96381a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDckFANYyQu5vbLdVi1vmVU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6AD9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZX.-d4mZ5uyZXnNkgFGR.AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDckFANYyQu5vbLdVi1vmVU&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDckFANYyQu5vbLdVi1vmVU&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNWoYX4OEWQhgDIs4GxZAp3wxMCAzZK9y4ziTyLyJnrDxIe0eqj_jgG7Vc-NqhZB-Wos4zuhcY_6urdcdjgjz2m3U3y0LcDe7HWKDpDUlUA9F2Mdp3Tq7b_41jBhACqdVefUK1DWZwfVc4qiPFwvGUSgYAESyGLXlZW9woGFTArcR0BTAJA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jglu3Qu0JLXb8WCA4o1IzPjbnO2wYnT%2FtEUxwRvtKVYDxwZIdUUN5343BPr7CoI9KctoW%2Bdl7nTZl7q5%2BK6CKee3AM1yuJOlmORkw1LHwUwqn2jiIdL2gNivksE1tbLHEbe6lHkhCHOi1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
837464496c99381a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDckFANYyQu5vbLdVi1vmVU&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6AD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPraDE3Fi6IEWydeVS3yk4A&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPraDE3Fi6IEWydeVS3yk4A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNWoYX4OEWQhgDIs4GxZAp3wxMCAzZK9y4ziTyLyJnrDxIe0eqj_jgG7Vc-NqhZB-Wos4zuhcY_6urdcdjgjz2m3U3y0LcDe7HWKDpDUlUA9F2Mdp3Tq7b_41jBhACqdVefUK1DWZwfVc4qiPFwvGUSgYAESyGLXlZW9woGFTArcR0BTAJA
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
an-x-request-uuid
cd4f5819-357c-4ec3-b8d1-f91231000e8f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.184; 185.213.155.184; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPraDE3Fi6IEWydeVS3yk4A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6AD9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzOTk1MjYxNDA2NTYyNjM3MQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzOTk1MjYxNDA2NTYyNjM3MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNWoYX4OEWQhgDIs4GxZAp3wxMCAzZK9y4ziTyLyJnrDxIe0eqj_jgG7Vc-NqhZB-Wos4zuhcY_6urdcdjgjz2m3U3y0LcDe7HWKDpDUlUA9F2Mdp3Tq7b_41jBhACqdVefUK1DWZwfVc4qiPFwvGUSgYAESyGLXlZW9woGFTArcR0BTAJA
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
an-x-request-uuid
16912445-2ecc-434b-92e0-6c59132a500f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzOTk1MjYxNDA2NTYyNjM3MQ%3D%3D
x-proxy-origin
185.213.155.184; 185.213.155.184; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211312164939157477781%22,%22debug_reporting%22:true,%22destination%22:%22https://inverto.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210847158915%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214785666424595780097%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 03:41:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame 7BAF 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
512973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 05:12:10 GMT
csi
csi.gstatic.com/ Frame 23E8 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lqadda3b&c=8463698434257&slotId=4231849217128.5&qqid=COOkzbmImIMDFb00VQgdQvcNoA&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4005:400::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 23E8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:53:59 GMT
x-content-type-options
nosniff
age
499664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:53:59 GMT
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 23E8 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:21:07 GMT
x-content-type-options
nosniff
age
555636
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5548
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 17:21:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 23E8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:28:03 GMT
x-content-type-options
nosniff
age
555220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 17:28:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 23E8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CJcSadb9_ZaOWMb3p1PIPwu63gAq4gP7qdKX0xomFEorRo-2-ARABIKHh9xpgleKQgqAHoAHl16mMA8gBBakCDqjL0mBHsj6oAwHIA5sEqgT1AU_QEY_gm0aoTj0i3rLUQ3R_PEn3smpYFxaAt35sGHPbtKpt62CTGKodHewYsK2QhAopluho7xaNQMC_pZnqO0XfUV-Mnmtd62sQvW7OEiFQRqIy-TpWmEM6JMxVztvPXe3An7VbKUDwA1U8balVni3WSkg6GezUr7tNQN1HIv0xmv_1RILHjzNrppgSU5FOH8CWVW3oY7KIJEPAi15VTKZFuMjOGLSou0Ix7J6DQzHJLNsRsbs0OGkJeMpJ8r2FuUIzjDx8bXGHOozdJ8sRcXRnt3vJbzm3drwG2UftJx0qiNTyXZHcwLubibFt1AZ_drq1PldAwATe5bSGwwTgBAOIBeSB7d5NkAYBoAZOgAeDqNZzqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY8IHNuYiYgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATmYv2FdATANgTDYgUAdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1702870903151&ai=CJcSadb9_ZaOWMb3p1PIPwu63gAq4gP7qdKX0xomFEorRo-2-ARABIKHh9xpgleKQgqAHoAHl16mMA8gBBakCDqjL0mBHsj6oAwHIA5sEqgT1AU_QEY_gm0aoTj0i3rLUQ3R_PEn3smpYFxaAt35sGHPbtKpt62CTGKodHewYsK2QhAopluho7xaNQMC_pZnqO0XfUV-Mnmtd62sQvW7OEiFQRqIy-TpWmEM6JMxVztvPXe3An7VbKUDwA1U8balVni3WSkg6GezUr7tNQN1HIv0xmv_1RILHjzNrppgSU5FOH8CWVW3oY7KIJEPAi15VTKZFuMjOGLSou0Ix7J6DQzHJLNsRsbs0OGkJeMpJ8r2FuUIzjDx8bXGHOozdJ8sRcXRnt3vJbzm3drwG2UftJx0qiNTyXZHcwLubibFt1AZ_drq1PldAwATe5bSGwwTgBAOIBeSB7d5NkAYBoAZOgAeDqNZzqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY8IHNuYiYgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATmYv2FdATANgTDYgUAdgUAdAVAfgWAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 23E8 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lqadda40&c=8463698434257&slotId=4231849217128.5&qqid=COOkzbmImIMDFb00VQgdQvcNoA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.12e&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4005:400::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 23E8 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DObd-PocqeEc71p5vKjNPhyZKvJ5jSoBOWwWJA9YFHzwQTYQc02_zn7L1MzwYw6ELrIBlvC7ErE8epamvNyCKBKI7Ijw&cry=1&dbm_d=AKAmf-AW2bXn1zNHyLeNlOEj60BZwWEIakQ7j52Fy5bkDocj3g23iss9IYa7eA6aPjIMZWsqoJUKCTdwTxsB_mu5H_iWX8apbXDS-fgZ_fLgAiPa--_15FMngSqxblAMZJWYIVuijw7u7N9bi8-lxA0snGIVwzagNZvENUB3xUL1JHVnfWFly0VG3RsarVRDYlwzqETEIhc3yFfirfwDk-B-lE3XD-5gdUP5dOv8t2tkofN_daECHb68eyalvtZyALbfKP7nssoAbzbfmjdBJCI7QCElm_69-rwVUhSPdz81t7rbpIEYDoJdVQbVeqneJI7MOi55LnsWFl7EiF6Z4k-Sac_EqjaUNBMcZOB2mPjlg1JBHna7OJ4H0DCS2X5nxIPnwLPym1Drr-S8RKAT82_oahhfRAUaBKaRgzVhoRlAA7LgPu-LnuFgK_hwvvqBp8O_RMYXY5HPaT_QH5V-8SHyUiv9-0edjESLfzoo1Aye9SLWX9wnGXfrprApK4PobFkLVNd5NlnNCKMUDOC_4MG9_3FFxLbRMqf9yTGy5aGa7UgJ1y75Jsm5AsfEgIgtET5bhab79mR_1d_Aa96jvVfGPXHaZOcwxkT_xhtwCSYfCTx9Nt5alu-a-qSq5J-0krOSR2Ewoj8d7qFBF1sFQYfrJyWgRPFPQvupJbBZddo7RO6WmrAfo5c4T3SDsmm1_faOKNlS6r1o3Qh1ctmKOZX9vOat2-bCg0rv6QIeAPFD6eiZ_hjkvm7jst7Y4UYevvCXyIa3jJsv5g9d6dxwGzWlNx6Reck_Sf1nU25-KBIJkmLtqlXhwzgmg0bcACVc1U0LVme8cQaUzOfuUBTJWc_mIQhWTP2LykLeboePOAV-Jgffcl5sxz40GW4UDQzuSVeepilqJYDNggpbJQ1ZjqOD_5Rgiclx5XiMXOpsygmLK5GaZwE8prsysnjs9hLDMoIV9FHua3GRerUVduJvUbImEa3d4t6oTzE5pBEE85nvvKeSXpfCY_wk8OkXLp_tgVzJBoWLWermir-mVZL179SZ7dGI8RcaUWRN1yBrEimlpM0Yhw5uquuPG7ICIhJTzPF7ED0ykqO59l2_FvXGEou-bP6n9CNiOTXtTUREVWwbRq5exCXvNDVqkhnPSPc5vdB3k5HjuGOoxSEWYyxXAnS-6h5KBENetxBjenDRY49tW_mFhvY0bOQJXAQB7l9vQm_C9MxAXeoizeIUuf3awtQ4RwRg5OSJ8DfCClhwZVDBSAcYWikNn6f9AYWtQwzbSEykvFg3an036LqnQngdRxyrkuPECiMfd37dLrFijiB3F-lqBcs5PnFMXnMYbw-F-6xHesr-27FrFWlOVfyDU2A9EMQoVSHEbnQ1utGUKq1tcAHj6Q8skRxDLQ8n6O3mP6o1EVtyWxArQN85IEbZn0Ud6kmXQk2BOxHD6mjwmWE98einDTbpNI8v_tZ7k8JEAmA7PTKked5SxlYq8x87Z3uLqVAkPQjmAUZJdO86livLTQR5IGryyCTLenEoYIjLxA7cevWKf_c_jnxlzxKHmVV0STC6P4hjvOpkjHTlWzmnLXVU5G_4UQIkrwTsJx5mI6zIiOwg8Iw5uiOsESRrc1CLRiD4X2U6ff0CDY3L99uoavliwmdAeD1lcWfzheAOXo_AAFlTHRBdfBb-RUmkQkDBmFLY-2S7tPYWhaw884q3igMlwkU9M1wotCr7hM8R8ZkpwXvW5jFjR0PY4QntSQWzdUEwRax47y5PD7h-e9yR9krwol9iu1xHNoSqycRWflWrwnT18n7dDX4jLzN6xRE8tF8DtFNX16XN3ZIE36d0Q8vJT7aYQ83MYzFlG9J6M4QRTIucJOIIGKF2nLcUPBRxvM2NJ_iuASUNfe4D8g1EDkPeMuhyn1LhHn1pExPmDorUgGqcEJBXVjwSpGWf2pH_qXbdEshx2rzUykN0YXO6oN5rHjcaNz28Eh83Uqby6UmMXoc2GrJeYEH8IyWFxiyXUr2GE7xZljkBa_VeUtII0C3VTvANLPw4IGpyUu3fTv9Qe1Jq300k8Wrxp9mCsbAJXbBN8_BV3pnGm6BGRsp6VToIt5oucvxkqggLteRgI6bqH1ReOrs2GxBsj-VZtjYpPPwhdsG_q_mVeiZDfkgWanqssvK0S0WW8fviens5kLeD_jAbKRWP6C-6mx5oI0QJz50SUDZvOuU9a7JVGHof8CGWbt0dodzMwWmMs7gjYUg28h0SF4xx58_4RvwDQkESMZRIQ2ygYIaLnf-Ql5OQpizaXQ6vFx57EdayX6xifn9Be18ARshZ0THyvirXvh4TGG3D0b2NtX0ojW1Vs-5Nst7KAH1O8BXLzm11B71fDzBnUH0nkIa9g09pnrUV1473SLnhFPsl4ajU9uw4AaecxTiEt2mDlvZS1InJv4fOaWZvujSwXA_2pzm-sgqb5noByuRk-JyiZuBwXfdJoij6oxnNXU0QXOzV9CGnMZNdf6LadNJ43ZEjkkfZLwRkNwuW9do1qfaOoMoLv3SMqpRdx57m3oYpBVNE43C8p7ti0pXQ-w1lcsfMYrUzL4r8HRVytZNMgA1_oV2uajypNgFffk4ngmE-3skaQxhDLZj1emXshZpY-v0XLllXadRIxaRx0cPfa_fjA0AYoWXk5OlV0R9N6PK1qmpOgMxZ-9DKFXl1C6Vpz7wDXGlx4KmjZXnfwrmsPhr7TdgAYH5HpZnql53kenQIeFE5FFaJtyIlVPl5qtlBAIKZIuupaVXLeyqvkYHgZxjjSiG4Ukf_JWcGnN1MdPyxXavt7VzCDvHTv0y1lz3xw3wawFZOfsK29B4SBAXOss65dqzQ-4c0o5C_0jjlU-6z0JxqiPJGnYnUgOxpsafUVtoIrJ3i8GiKD-z_HxLpiUuB5Ff0IuagJuCEsLKiRlZTOi7HeUfUrAw1Pake9rL2guy0ci7ffETRcUUPW3lg-rEOvUDZwdKAY5laYZbrgKyycighMgoraSz1uv8ONZsKROcJvSPJcU-4aMoXywEr4tWtCI-6mjTkCPRHcWNl11JKcVS6NmZtXZNV7aqVu_0TvBaAJgTcyRVD8KNkIeHSOENDJuiVqSwWsqJHHhG0qODPYLAQQeHYJ_gY3tjFmtWfGtUQqHYVtxwnYXRe49pJ6sOYkuzH5iGALRcNdHlezEAVTAR-1RqrNtZYRMbdSfiED62PmjPJkTimkEkIhJClx3J24WGaRuh93PdkxP9ZNWN0jRy0pgSQxP5aDlyIkZkomXiXGnXBfaeL9C4tmFa8QiJMBnLh94xBsVR_x_cNmOwkyQ8b35ADHxxliGEAh_JTCIFj-l9yyDd48vLIJ-0h3xpORakmLUpXzojPXpY5Ayi9hyxVi2VS2U80IwdliqOaEp6VcIcIW9StNphN4iWCR21pe1uqnK4eHZsjpgv89zyaKmyU7KB1l0l6xYXql49lTIz_eIMiXsheXKRu-Y7ijaI9-uXB4tMw8Uzn381bR45WTQAf8gL0b3VfVvgcx3v3qj6HwkEhKoiB87yuaswMadCJCAm38fbz9dBVCSPzoYH4Ub8&cid=CAQSTgAvHhf_Rd8U1uVxBO17SBeYeuBQ7uNIWKIspngGNIoveWwcG-mL7YxWeQXlcYyOeyJqREiDVNoMYXbbC_HyCMvkHjcKqz6bRW8_8v6t6xgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f157.1e100.net
Software
cafe /
Resource Hash
05b98e7d4e24c87832915625503503e27c8a8bab18dbb6e5e7360f1c0de9ec8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17476
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame F0ED
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CX4Fgdb9_ZaWWMb3p1PIPwu63gAq7w5TQdPer6M7LEdnZHhABIKHh9xpgleKQgqAHoAHI0tXJAsgBAqkCDqjL0mBHsj6oAwHIA8kEqgTNAU_Qt4rssQqkpkIqCOcNSoPQitnxin4elWWP_Nw...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213637228276683144817%22,%22debug_reporting%22:true,%22destination%22:%22https://quirion.de%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213637228276683144817%22,%22debug_reporting%22:true,%22destination%22:%22https://quirion.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22691366216%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216687409574208261585%22}&andc=true
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"13637228276683144817","debug_reporting":true,"destination":"https://quirion.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["691366216"],"22":["true"],"4":["12-18"],"6":["true"]},"priority":"500","source_event_id":"16687409574208261585"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Dec 2023 03:41:43 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13637228276683144817","debug_reporting":true,"destination":"https://quirion.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["691366216"],"22":["true"],"4":["12-18"],"6":["true"]},"priority":"500","source_event_id":"16687409574208261585"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 5061 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac7f343d244a9728cbb9c1d59c6d69c6c4eb4c32a8f2987054d8714ee3d969f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F6BB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
29148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:35:55 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F6BB 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
30863
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:07:20 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F6BB 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 03:41:43 GMT
160x600.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/ Frame F6BB 		82 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5faa1b094a8f190e47e28ffcc8cd9bbb77c08c71f99e14338a5b1e113b936635
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 18:06:09 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 18:06:09 GMT
age
120934
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13421
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 11:35:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 876D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELwSf266JBg4iKbupZbUlfI&google_cver=1&google_push=AXcoOmTkDG96uvs8B3k0_G5I80G8Q5oZtiMY4iupl-dzfeiieb21Z6vuaZXxouSfY3dWfx6zxhjdWlTcoafEgI-BNBLrNlmZ5X04EXM
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzODU1MjQ1MTIxODI4MjY5MA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwSf266JBg4iKbupZbUlfI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwSf266JBg4iKbupZbUlfI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwSf266JBg4iKbupZbUlfI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 876D 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM2vU3lgElc8iDAOfepihnY&google_cver=1&google_push=AXcoOmQ0i0f2E2Thc9fkcKgyiAMXVJuVuj-MPCpiXW34rvbZxqDwUBQ9_v9EJugC3EdIGP_oZ9hXx9Ec4oA0r79sSvL9RYy7gJyLhjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 876D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEP3D1YTvte11vlSR7JJwXIM&google_cver=1&google_push=AXcoOmS6xUDXWs-KcOJ5gWPzrTDZ5JRQVmn3wAxMrfNVW05XPKoQC3rNxDj9sYGYeuu_tF0shgJ3qUPvZHMZ1MnRazI5nwVlejceP...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP3D1YTvte11vlSR7JJwXIM&google_cver=1&google_push=AXcoOmS6xUDXWs-KcOJ5gWPzrTDZ5JRQVmn3wAxMrfNVW05XPKoQC3rNxDj9sYGYeuu_tF0shgJ3qUPvZHMZ1MnRazI5nwVlejc...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP3D1YTvte11vlSR7JJwXIM&google_cver=1&google_push=AXcoOmS6xUDXWs-KcOJ5gWPzrTDZ5JRQVmn3wAxMrfNVW05XPKoQC3rNxDj9sYGYeuu_tF0shgJ3qUPvZHMZ1MnRazI5nwVlejcePQc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS6xUDXWs-KcOJ5gWPzrTDZ5JRQVmn3wAxMrfNVW05XPKoQC3rNxDj9sYGYeuu_tF0shgJ3qUPvZHMZ1MnRazI5nwVlejcePQc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83746449f8651e20-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
718
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP3D1YTvte11vlSR7JJwXIM&google_cver=1&google_push=AXcoOmS6xUDXWs-KcOJ5gWPzrTDZ5JRQVmn3wAxMrfNVW05XPKoQC3rNxDj9sYGYeuu_tF0shgJ3qUPvZHMZ1MnRazI5nwVlejcePQc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS6xUDXWs-KcOJ5gWPzrTDZ5JRQVmn3wAxMrfNVW05XPKoQC3rNxDj9sYGYeuu_tF0shgJ3qUPvZHMZ1MnRazI5nwVlejcePQc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83746448ffa91e20-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 876D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPBRN69fWMa4KBE6miDL5LY&google_cver=1&google_push=AXcoOmQq9BSaER_beaMJm0ipL0xvpsFZYU6cjAGpmZXetmbgsyF6aASFjhuTUDjXX70Kv6bMyNV1F2Glm_UtXRPOTmOJYRSJ9OWmOM4
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2BED6B3CBC114743801263538F3F4ED4&google_push=AXcoOmQq9BSaER_beaMJm0ipL0xvpsFZYU6cjAGpmZXetmbgsyF6aASFjhuTUDjXX70Kv6bMyNV1F2Glm_UtXRP...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2BED6B3CBC114743801263538F3F4ED4&google_push=AXcoOmQq9BSaER_beaMJm0ipL0xvpsFZYU6cjAGpmZXetmbgsyF6aASFjhuTUDjXX70Kv6bMyNV1F2Glm_UtXRPOTmOJYRSJ9OWmOM4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Dec 2023 03:41:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2BED6B3CBC114743801263538F3F4ED4&google_push=AXcoOmQq9BSaER_beaMJm0ipL0xvpsFZYU6cjAGpmZXetmbgsyF6aASFjhuTUDjXX70Kv6bMyNV1F2Glm_UtXRPOTmOJYRSJ9OWmOM4
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 17 Dec 2023 03:41:43 GMT
pixel
cm.g.doubleclick.net/ Frame 876D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEI5vKANi6PWSCgaeFhHBygM&google_cver=1&google_push=AXcoOmRTZ0Tmg0uNYYWo6cdxFStnpukv7EFaskGmdCC1cbr6uzMt1HTZxCGAJ8C4c4qEjA-qGCs7EWM5yIgpPv...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMzc3NDgzNzY5ODUyNTM0MQ%3D%3D&google_push=AXcoOmRTZ0Tmg0uNYYWo6cdxFStnpukv7EFaskGmdCC1cbr6uzMt1HTZxCGAJ8C4c4qEjA-qGCs7EWM5yIgpPvrM5e...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMzc3NDgzNzY5ODUyNTM0MQ%3D%3D&google_push=AXcoOmRTZ0Tmg0uNYYWo6cdxFStnpukv7EFaskGmdCC1cbr6uzMt1HTZxCGAJ8C4c4qEjA-qGCs7EWM5yIgpPvrM5eZUYDgS2rQqaDw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMzc3NDgzNzY5ODUyNTM0MQ%3D%3D&google_push=AXcoOmRTZ0Tmg0uNYYWo6cdxFStnpukv7EFaskGmdCC1cbr6uzMt1HTZxCGAJ8C4c4qEjA-qGCs7EWM5yIgpPvrM5eZUYDgS2rQqaDw
Date
Mon, 18 Dec 2023 03:41:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 876D
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA9IkKgm2isZUyMwlp6J31k&google_cver=1&google_push=AXcoOmSphVQiwXou1LeZ79dk7pIeSmF_UjEjXXUWyw1-Sgqvv8nG5mEkoO0qjY_7BZXEYYsc8vs05pqWs4A37UOA...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pml9ynw8Sr8HvTKuZ3L4KQ&google_push=AXcoOmSphVQiwXou1LeZ79dk7pIeSmF_UjEjXXUWyw1-Sgqvv8nG5mEkoO0qjY_7BZXEYYsc8vs05pqWs4A37UOAVsftXszqaQdHeQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pml9ynw8Sr8HvTKuZ3L4KQ&google_push=AXcoOmSphVQiwXou1LeZ79dk7pIeSmF_UjEjXXUWyw1-Sgqvv8nG5mEkoO0qjY_7BZXEYYsc8vs05pqWs4A37UOAVsftXszqaQdHeQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Dec 2023 03:41:43 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pml9ynw8Sr8HvTKuZ3L4KQ&google_push=AXcoOmSphVQiwXou1LeZ79dk7pIeSmF_UjEjXXUWyw1-Sgqvv8nG5mEkoO0qjY_7BZXEYYsc8vs05pqWs4A37UOAVsftXszqaQdHeQ
x-host
tde-deliveryengine-production-6b95976987-tpdff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 876D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOcLec882OyW3XiKYkfmiIU&google_cver=1&google_push=AXcoOmSh9uzDM6vyIk699vAgwSIE0neo5PD6t8S9HHYlTc1RQ7NlthJ_0cEcZNSwTn-8gduxIsQSQTZd...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOcLec882OyW3XiKYkfmiIU&google_cver=1&google_push=AXcoOmSh9uzDM6vyIk699vAgwSIE0neo5PD6t8S9HHYlTc1RQ7NlthJ_0cEcZNSwTn-8gduxIsQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0MzA1NDE3NzA1MTYxMzgyMg&google_push=AXcoOmSh9uzDM6vyIk699vAgwSIE0neo5PD6t8S9HHYlTc1RQ7NlthJ_0cEcZNSwTn-8gduxIsQSQT...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0MzA1NDE3NzA1MTYxMzgyMg&google_push=AXcoOmSh9uzDM6vyIk699vAgwSIE0neo5PD6t8S9HHYlTc1RQ7NlthJ_0cEcZNSwTn-8gduxIsQSQTZdylaoLq7YpQ76n8n7erZZad8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0MzA1NDE3NzA1MTYxMzgyMg&google_push=AXcoOmSh9uzDM6vyIk699vAgwSIE0neo5PD6t8S9HHYlTc1RQ7NlthJ_0cEcZNSwTn-8gduxIsQSQTZdylaoLq7YpQ76n8n7erZZad8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 876D 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LchrOQ5ptwglLLhG1YI3w-l3SAWnR9_7GYWMJR4tKWKv2TQrpkzyPjcoasDuFojET4sS5g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3489558028&pi=t.aa~a.935873299~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1843&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280%2C1138x90&nras=5&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5C67 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
498496
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:13:27 GMT
expires
Wed, 11 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 23E8 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b726099d4a7e43b1f79dea41b13eec1dcc53e1c96b390417faa7c3d94798da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 8DD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAJA-zO97s14gsVsfCVGpxw&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAJA-zO97s14gsVsfCVGpxw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNXab3EZF82QIgBnn9qcI6iWmfiEbK-Vh8HmDUIEA0H1q4WHxCXAqoM23IRbW36ae-6W0285Ves_04Cqi_EsGRdtE55Z4yQKHOUyNfS95nQmI5LqM90vUdf1ANaf_WBWFCtPD8F9cBpdT0fd_nk5_jdsEVOwVNGBmWom5SN2Rc9eUQ9wDl4
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAJA-zO97s14gsVsfCVGpxw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 8DD1 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNXab3EZF82QIgBnn9qcI6iWmfiEbK-Vh8HmDUIEA0H1q4WHxCXAqoM23IRbW36ae-6W0285Ves_04Cqi_EsGRdtE55Z4yQKHOUyNfS95nQmI5LqM90vUdf1ANaf_WBWFCtPD8F9cBpdT0fd_nk5_jdsEVOwVNGBmWom5SN2Rc9eUQ9wDl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 8DD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECrwtC-UGf4Ad7ER6TkBb_k&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECrwtC-UGf4Ad7ER6TkBb_k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNXab3EZF82QIgBnn9qcI6iWmfiEbK-Vh8HmDUIEA0H1q4WHxCXAqoM23IRbW36ae-6W0285Ves_04Cqi_EsGRdtE55Z4yQKHOUyNfS95nQmI5LqM90vUdf1ANaf_WBWFCtPD8F9cBpdT0fd_nk5_jdsEVOwVNGBmWom5SN2Rc9eUQ9wDl4
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 18 Dec 2023 03:41:43 GMT
pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESECrwtC-UGf4Ad7ER6TkBb_k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 8DD1 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARj6pq3xATAB&v=APEucNXab3EZF82QIgBnn9qcI6iWmfiEbK-Vh8HmDUIEA0H1q4WHxCXAqoM23IRbW36ae-6W0285Ves_04Cqi_EsGRdtE55Z4yQKHOUyNfS95nQmI5LqM90vUdf1ANaf_WBWFCtPD8F9cBpdT0fd_nk5_jdsEVOwVNGBmWom5SN2Rc9eUQ9wDl4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 18 Dec 2023 03:41:43 GMT
pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
view
ad.doubleclick.net/pcs/ Frame 5061 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuqL8MUk3C20-wQ0i6aZ6CBH_0zAOm0bH-ds_qlZwm7ks5Znn48cfSf_zYHDF9bg4cBw2mt0ZJhXlg8LO66Ckrr8Siuv7hF9Ynq7tw6hxg51W_qpiKTb_-Z98bKGKRCv6ALurtAFIwpOhkBpnm21MxeF6UwOEG8uU3OrISHHKzihIJTAmjeIDrmOyXfecLfzNS8WY2jKPSHgfFoaPp80qfULkA7L9Lknzgu4iBx0CsxCPZn_odf87xtqPq21NcS7TOlGFz-YBydkfqMP6CLECFLkGkN-bXIwOg6WFsKZtxAsfCrVZQOXI6t_pDMBAMj5vRaBWE9-h6CcgzgHviDtRLUKtZLt4Fq3zi_BMDrMCXJY4NxkI84lwBeBKbWDd2JnH2uxZQelKB3F9YoKvSqrCmiEWoomnHtmNfYcbO8-UA39livpka5JzW3-YxaQRVoOsey3R_Cg4bRKVF6eYCnVUgxVcVp1C2EIZ0m3uDuq9JkUGH23rHgOt8776QM0hn6sLddEnWLkBbPhjW2As32E4KP5CpR4YIx8aFnzJZneADh0Czh9-e5MKB_gpKubjR93i-hlALAxhTz-ooJmrWnKtKC0uzO1vzqBavGHdUv43Iy2S2CLGsm2_OgJKz1e17f-DKV1N7diRYQaX8umvyI9yJjq08mkhz-d3WG2SGTTWGweJ_l7aN17Qvp-qcba_wWb_tKeFv96jMib18zEbcC-OqxcQSPoTcft8yd4d_RDPPeaezcY3poU2ckxD9cTQ-m6YdDYOPiwSabWVpwzbfUanFyPcPGCCi1lvJ0cruDU3SjLu5XNPLRArvlVEWcT-hJoNI6v_XEDuyse_2NtAISGz2hYNkyF88NaOvPFi_8xzdYzdSYOiSeyR1tMwVnF8J66RkuyxxjxfjjmiLK8ZJ-tykQAHI5YaOVvXYDtoF_nr-JWe6NlOq7rNnyI9vARjkzq9uux_F1CJohNlEcM4kwmazhn8m8bAKpUDj9Uknjl8PAS6CHFh2DG_bjy32fRVrCANvulkprYKtWI1P-KNKTW8XaunZ2e0jWA55nJg7rRcDtrhOA9iDb9X5yBHEuuHMF_zi0Nziwo7EF7j2bN7g4hsKMmoTH55blzYCzI3TYOs8ipNLZTx9AwgFxdJUvi_65J9V5pFE1y2Z3ueKHxu_YjZ8HicwWuVDMW4gJ5x8EK4Ze2N4YoflQPEVZzdcZ7m6L44csVXD_qAP0IUndGMdyDq7G3Cf_Uawg2-wWZAFISWa8hMFPQvDPf4j5BtG_XkF2du0rcdOSWTi_dUyV6WI66m7Eaw-cGsjz2yPphvn03aF-2EXMmUOWPlfG6fnJS5XAkv34bC9q35YlpgWUs2WOD73sL8qHmIoVBNGc-ezgsWgkLJoFr3oORUg&sai=AMfl-YSoTIQ6vUQNkABIRyydJH0wEK4z_oXXAC7mHPEzS2j0KgJi9a0scNHY8Rlyg47WtUqlmK4ZMzrijMtWqeUAKeerX0k5e6vZBFU0ZfGF-Dw_kXgT4DjS53E7xFYawFFeJme4AahZEQ7H3YwfNAOtyrC86z-fUcl6eCurayiQ8Tcnkc0NARqohRAOaW0o6TAdWKgkaF7i76NskqdrfzbIEJ6IAE_dDyFccGANFGqGqIh15FcHlVig_X1nOCrOExNKyPiMeI9fUi2KW9fpZpoJnIsinhn6J7tI6wRehWCAJz_QcfYO-h6uwmJSEXD2-tVS61owcSTdKJULGMBBAGaW08C3UbG_LaqvfJAjj8KndvAwg1WEDFRDc3nj_k95tBQQLoGF80mNQNbH3YWAW5vQN1icDonhQUrpugbCS48uk2iFWKmhDg&sig=Cg0ArKJSzLY0J47uR0ldEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=188&vt=11&dtpt=187&dett=2&cstd=0&cisv=r20231207.66187&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 98AA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd98ba24c35076eb7e4ea1e8a9c16d900c373ec1916b59e91afd02cda6393ac7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3333 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
498496
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:13:27 GMT
expires
Wed, 11 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 3014
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R5NVBZMGcxUmY0dko1&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cver=1&google_push=AXcoOmThE_Iq9CNO1k6rJe43UG0M-UPP72WGP56XOmtKpI9...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R5NVBZMGcxUmY0dko1&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cver=1&google_push=AXcoOmThE_Iq9CNO1k6rJe43UG0M-UPP72WGP56XOmtKpI9NPrwQFheNRhETiZRlKeVvlYy9wsPsDrToQ7JZbdOJVWLfMN4bSb7cWxBv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 03:41:42 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R5NVBZMGcxUmY0dko1&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cver=1&google_push=AXcoOmThE_Iq9CNO1k6rJe43UG0M-UPP72WGP56XOmtKpI9NPrwQFheNRhETiZRlKeVvlYy9wsPsDrToQ7JZbdOJVWLfMN4bSb7cWxBv
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3014 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPSX0SIK7nW6YnrMDzHRR0Q&google_cver=1&google_push=AXcoOmRZWxc7-w2FU6gmpevGqexNyQhXwmuaCZF4XU7n_tMYA8bu3yo2SU5CHFQVM5Rsxk-it4JWSphjOmMlCPeQOPgO1Aqqs2qeqMGQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 3014
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA9IkKgm2isZUyMwlp6J31k&google_cver=1&google_push=AXcoOmRhRbKMpGemoG6p15tu9aT4J3AME63hJhU7J-WlsI5oVTvUXxduYDBd0UDUHVEhqHwcJ8JD8GPLyrPF4WYB...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qr2qCgzmQTs1E8jqaLkD-g&google_push=AXcoOmRhRbKMpGemoG6p15tu9aT4J3AME63hJhU7J-WlsI5oVTvUXxduYDBd0UDUHVEhqHwcJ8JD8GPLyrPF4WYBuf1t_isrWZdeD4i6
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qr2qCgzmQTs1E8jqaLkD-g&google_push=AXcoOmRhRbKMpGemoG6p15tu9aT4J3AME63hJhU7J-WlsI5oVTvUXxduYDBd0UDUHVEhqHwcJ8JD8GPLyrPF4WYBuf1t_isrWZdeD4i6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Dec 2023 03:41:43 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qr2qCgzmQTs1E8jqaLkD-g&google_push=AXcoOmRhRbKMpGemoG6p15tu9aT4J3AME63hJhU7J-WlsI5oVTvUXxduYDBd0UDUHVEhqHwcJ8JD8GPLyrPF4WYBuf1t_isrWZdeD4i6
x-host
tde-deliveryengine-production-6b95976987-x98q2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 3014 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIKHN_r8pxSQZdALiJo5ciQ&google_cver=1&google_push=AXcoOmRRT6KK4kK1aiOUml3j3stho4dPXAJ0g16DsT51wrGDhu23qzamqi6leL8CYhoEOwxb5dr_pkoNscoDkERAjkhWUmoltcODFm4L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 3014
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECPCKbp859XjJzmt73APUok&google_cver=1&google_push=AXcoOmSSBTgBRonFPJ_RGhQaKonJExwZtk2DsvsYQBbsmGBtvKXoBM7kwU1QDJfMDoSlFshQMow05SG3Svq3dVd4o488s_j...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSSBTgBRonFPJ_RGhQaKonJExwZtk2DsvsYQBbsmGBtvKXoBM7kwU1QDJfMDoSlFshQMow05SG3Svq3dVd4o488s_j13yjKjyQ&google_hm=eS1OU29OQ0NwRTJwSHZ...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSSBTgBRonFPJ_RGhQaKonJExwZtk2DsvsYQBbsmGBtvKXoBM7kwU1QDJfMDoSlFshQMow05SG3Svq3dVd4o488s_j13yjKjyQ&google_hm=eS1OU29OQ0NwRTJwSHZYdU11MmNicFNuSkVwaGoxaUpYS35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Dec 2023 03:41:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSSBTgBRonFPJ_RGhQaKonJExwZtk2DsvsYQBbsmGBtvKXoBM7kwU1QDJfMDoSlFshQMow05SG3Svq3dVd4o488s_j13yjKjyQ&google_hm=eS1OU29OQ0NwRTJwSHZYdU11MmNicFNuSkVwaGoxaUpYS35B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 3014 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSj1jzslz7pz3uf7EMINJlrlWRR82_9RtWUTusbSw_uK23Z5LIge8I-IkwM7oENEwwzxPkufYIQLfu6XgZaFfhkS6b49NlC8wJl&google_gid=CAESEOiSPzCRIXWz0XUSBBS1PiI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:42 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
243648
expires
Mon, 18 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3014
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOcLec882OyW3XiKYkfmiIU&google_cver=1&google_push=AXcoOmQeEHoTcx4pmfRbK7uZChof1WFeQUkTwapDLShfqMoiDq_XGlFBUZ7XaQwIAvOfbyDYgEv0O51i...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOcLec882OyW3XiKYkfmiIU&google_cver=1&google_push=AXcoOmQeEHoTcx4pmfRbK7uZChof1WFeQUkTwapDLShfqMoiDq_XGlFBUZ7XaQwIAvOfbyDYgEv...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxNDk5ODgzOTgzMzQwNDQ4Nw&google_push=AXcoOmQeEHoTcx4pmfRbK7uZChof1WFeQUkTwapDLShfqMoiDq_XGlFBUZ7XaQwIAvOfbyDYgEv0O5...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxNDk5ODgzOTgzMzQwNDQ4Nw&google_push=AXcoOmQeEHoTcx4pmfRbK7uZChof1WFeQUkTwapDLShfqMoiDq_XGlFBUZ7XaQwIAvOfbyDYgEv0O51iP3F0_I1AR-ewEvqeE00QrEbH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxNDk5ODgzOTgzMzQwNDQ4Nw&google_push=AXcoOmQeEHoTcx4pmfRbK7uZChof1WFeQUkTwapDLShfqMoiDq_XGlFBUZ7XaQwIAvOfbyDYgEv0O51iP3F0_I1AR-ewEvqeE00QrEbH
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 3014 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JE9wn2v6hMYxUNE5ZGCxZ_1Eeu3ITraxlfapaBf9Q6hxnT7vvOmwOl5ivgk6utMsHy2lsj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=90&adk=1429993898&adf=3854508433&pi=t.aa~a.935874314~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x90&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280%2C1138x280&nras=4&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
ad.doubleclick.net/pcs/ Frame 98AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstw-2A2jTYstANAJnBKOSgWz_QehOYlRffVGCDU5jpZokx3zvFIC0Au8AOVlNtojgixU7Fj0a3ME3cwkQ8w-f5wKiu8IlfrhRni7pSax8zbbCb7sTCCer1EBrtlrJ8ik2X2uCxJ2Us9s9INI4wMaq76nMwAm8vbpqr0LrwLk7lDGYfjvmnKQaJJNw-hgTq2bERUtpWZGtkCcxTiqaVLyT6Jxe-vLBT3_Hg5b62U1TL9pyiKWUH8617UKh51VYpBDy2uBbEuVl-6wplW_YwmfinPW8mghcsqWT0VnvtwaGUh_CcBVl7QJzxI6F88sMhEvNfmGE5nfChgVnWqRhJOZUzTXpi9cLW7uyQB7SYgIU4c2crvIAKizfm8tj0u4CKl6_E2ZsPvo4WVtUeBHP4Eu7fPEhmrpGPAxq0Qkc_hzf4y_-Kfs_dIIWFC9e3CJeNiMsoejEiq-EbFiMMEvPkhbyyKUQZS-2QJNmXr39yETy607bqWFgL1vAd9LXDDOV_z6XWIaQbgESG5K6l4L6g3fzpeFey-EZqOkZsQFck-tEw951QMvN_JlA2OOOADot1So3SMl1HxmwtPLtT4b8PRvzhI_AK3Az0DkpFK0pT66a1FUkNiwfBePVSv4-QTxLaHCavX-8Yo-pu6wyWU3tHGxtmf6lR7V-G4OjtdXnML0rnId32n_7KEiUOsIE7xytNWJ4jA3OmPH2kddqCvKF-8jv2fIZTHKfu7hHrPpCmC68x8OdejQN2g28ciGuY6YuyuUVeqq7r9Ti4trpjkpU7vrI-Pw_7JSR-5-X0M3nH-Vcnuf0VGUl8Ug51tUdxNF-jKkGoPm9l5mZ-Xip9JRHKtfq_osw2R6B3HMYl9cakZogOi8WMakyEunUpnK8UEExmlsMy34QrVlmcFk703MNHIm-HrIm47d5lk_cUUKLZPHkvkLZgNAqIMwCdmqYyDgLh_QtKKdGJ_4fq786Y2vMjoh7U_4VlBNSwWqJ8J8WyhN8xrPKvd8bVxVZAhrRxFYoJ0b5lU3-HWTCjnslYgitRITpjeDPQ1YbL3_kFTIF4F1e8LJ_tq3IQBiT35p28tV9l1tXHceWVZrl6EqhgDvaNbsNWwqRPVQ6s3U7qBv4_DyrpBH4uohdskjd2COoGqy06WLTAoz6hbsZlFOiOLXJH1GHVNdfNak8zQqLd8zh6DHdbYv0Vx95ix8MWrL7uqd8NwAZ0QGYmMRrtCIfX8NG69bpnMDhkzD_pTNIBnUZMkN3OpGo4DPQR5Y64pkpZ0klF5RjcImetBU6ElVtG550_hradhvanpYos2G-MPLWxEEfTscPv0EfNDMz1JJJP-uak3JuFMeP2o-Htv2wrEmvwiMIUX6JLmySuohsL67DDIFheAoQj_s949jnEX4COrVYWbb58&sai=AMfl-YTQM7TKAvMzik7N-HUOgFoGncD_yukJFk5-2cciMDm0-oZxv1YMOXmPY3_8bEZTlvxXkzOMmz_by6i44wbtZQmDsxMnwTWk7al3KO9K_gfyvXpOtqVcKgKTc4BdHQ3J2CDorXIDzxqMPYN0r0ndBGWWYIIrgjdUWCX5zpNuh2JefqlaXzc8uaOnFx8ox-93rnZQhg401pGatyPcldkbX7cTmNjzSbkVd3RMRc-Q2ZRfW81boGBvLr17dfqN-euJOBXTHMxoF-02JaHwb6d4AtfV1bLQAAgBDt5f2VLbVgdnoA3WvKwUaD1cmrpxZJadx5CUOTMidjiOc6hZaoUH6UlqHRfO64ZCbvpOSBHDgBIB93TbHDniOtEHRxKwgVS2WCalyKT9Dioke-9uVd2XiEmfBx61PqC0e1TtEfBGjj1ub5pw8g&sig=Cg0ArKJSzOQGn4iQEoKmEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=163&vt=11&dtpt=162&dett=2&cstd=0&cisv=r20231207.85938&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: giaibaitap123.com
URL: https://giaibaitap123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 23E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CeTWedb9_ZaOWMb3p1PIPwu63gAq4gP7qdKX0xomFEorRo-2-ARABIKHh9xpgleKQgqAHoAHl16mMA8gBBakCDqjL0mBHsj6oAwGqBPIBT9ARj-CbRqhOPSLestRDdH88SfeyalgXFoC3fmwYc9u0qm3rYJMYqh0d7BiwrZCECimW6GjvFo1AwL-lmeo7Rd9RX4yea13raxC9bs4SIVBGojL5OlaYQzokzFXO289d7cCftVspQPADVTxtqVWeLdZKSDoZ7NSvu01A3Uci_TGa__VEgsePM2ummBJTkU4fwJZVbehjsogkQ8CLXlVMpkW4yM4YtKi7QjHsnoNDMcks20mwIcGr-0_qDa1boEAQafQFRY7kCjvN9mH4_DR7yG2eYzq5qM6EF4z2afXWgsXyaCfWvvDYfko4rKiIwagxVjLABN7ltIbDBOAEA4gF5IHt3k2SBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB4Oo1nOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCo7ioY3czKgQLSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPCBzbmImIMDgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECsBOZi_YVyBOop4jkA9ATANgTDYgUAdgUAdAVAYAXAbIXHAoaCAASFHB1Yi04OTY4NjMyMTg4ODk1MjQ5GAA&sigh=_YHLf3iLiIc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_Rd8U1uVxBO17SBeYeuBQ7uNIWKIspngGNIoveWwcG-mL7YxWeQXlcYyOeyJqREiDVNoMYXbbC_HyCMvkHjcKqz6bRW8_8v6t6xgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213637228276683144817%22,%22debug_reporting%22:true,%22destination%22:%22https://quirion.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22691366216%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216687409574208261585%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 03:41:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 23E8 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lqadda49&c=8463698434257&slotId=4231849217128.5&qqid=COOkzbmImIMDFb00VQgdQvcNoA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4005:400::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 23E8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 19:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 19:31:47 GMT
file.mp4
r1---sn-5hneknek.c.2mdn.net/videoplayback/id/288b353bed5a094d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847095775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 23E8
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/288b353bed5a094d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847095775/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r1---sn-5hneknek.c.2mdn.net/videoplayback/id/288b353bed5a094d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847095775/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-5hneknek.c.2mdn.net/videoplayback/id/288b353bed5a094d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847095775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/05B5B069A11296CAA91563E7AC8C02F934FD3E7F.0F4C7F7C979002149F4E70AECB2FB32F7175180B/key/cms1/cms_redirect/yes/mh/8C/mip/2a03:1b20:6:f011::6e/mm/42/mn/sn-5hneknek/ms/onc/mt/1702870008/mv/u/mvi/1/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:400e:16::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 03:41:43 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4121908
Last-Modified
Fri, 15 Dec 2023 13:42:36 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 18 Dec 2023 03:41:43 GMT

Redirect headers

date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r1---sn-5hneknek.c.2mdn.net/videoplayback/id/288b353bed5a094d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847095775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/05B5B069A11296CAA91563E7AC8C02F934FD3E7F.0F4C7F7C979002149F4E70AECB2FB32F7175180B/key/cms1/cms_redirect/yes/mh/8C/mip/2a03:1b20:6:f011::6e/mm/42/mn/sn-5hneknek/ms/onc/mt/1702870008/mv/u/mvi/1/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 23E8 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lqadda7h&c=8463698434257&slotId=4231849217128.5&qqid=COOkzbmImIMDFb00VQgdQvcNoA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1997&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.15p~videopreviewvisible.15t&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4005:400::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 4180 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Dec 2023 03:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:58:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Dec 2023 03:41:43 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4180 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4180 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
16886
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4180 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
29043
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 19:37:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4180 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 4180 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSv8wOBJVzgq3msH2oQLlIQ08g25ttbOyxoNVsd1S87W714T60pLRM0THen9CQvpiezSClLK-NTwETlrKwiEE9RR0tyHg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4180 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 03:41:43 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 4180 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
567900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
generate_204
tpc.googlesyndication.com/ Frame 5FDE 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?eY9WhQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 05BB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Mon, 18 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/2729179410505685469/ Frame 4180 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2729179410505685469/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2742a825212212d07c51273076d1cf775c99a5e350c5552e73ce474133ff6c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 23:02:27 GMT
x-content-type-options
nosniff
age
362356
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13219
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 14:30:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Dec 2024 23:02:27 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/17288366202876612457/ Frame 4180 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17288366202876612457/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbcf255e0a0775df307e7e5012a68117c5af8c0801e821c56b7368231000c155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 00:47:17 GMT
date
Mon, 18 Dec 2023 00:47:17 GMT
x-content-type-options
nosniff
age
10466
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2275
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 01:50:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
bg1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/images/ Frame F6BB 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/images/bg1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5be42e117359b36390b264892f3ce0255da3d6a8b31555d573d45f15d0463cf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 12 Dec 2023 07:09:22 GMT
x-content-type-options
nosniff
age
505941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42068
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 11:35:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 07:09:22 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 5C67 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 08:14:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Dec 2024 08:14:44 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3333 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 08:14:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Dec 2024 08:14:44 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame AC00 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
507921
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 06:36:22 GMT
expires
Wed, 11 Dec 2024 06:36:22 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4180 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
929441372fc2739abb378ebb95718a37fdc288d0aa143512ea236079c0bc6290

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 05BB
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM2vU3lgElc8iDAOfepihnY&google_cver=1&google_push=AXcoOmSWkr34fcpWjBa46wDP_oBelqTj_O3H1zi6H2wmhWGdedNX5bibvt...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSWkr34fcpWjBa46wDP_oBelqTj_O3H1zi6H2wmhWGdedNX5bibvtRgBTzzZYIZ1h3jL3ocjmEcKnKSHelDluwgpAc8e8V3lxkU&google_hm=lQMt3KGo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSWkr34fcpWjBa46wDP_oBelqTj_O3H1zi6H2wmhWGdedNX5bibvtRgBTzzZYIZ1h3jL3ocjmEcKnKSHelDluwgpAc8e8V3lxkU&google_hm=lQMt3KGo9pqmUzUTJ6jf7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSWkr34fcpWjBa46wDP_oBelqTj_O3H1zi6H2wmhWGdedNX5bibvtRgBTzzZYIZ1h3jL3ocjmEcKnKSHelDluwgpAc8e8V3lxkU&google_hm=lQMt3KGo9pqmUzUTJ6jf7Q
pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 05BB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R5NVBZMGcxUmY0dko1&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cver=1&google_push=AXcoOmRv8jifpzGNmgudzkUoTkUG-WQMU4NC-5hNIUqLQME...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R5NVBZMGcxUmY0dko1&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cver=1&google_push=AXcoOmRv8jifpzGNmgudzkUoTkUG-WQMU4NC-5hNIUqLQMEHv2xoIoR8thh977OBpCo4I8TEUgC-HSGAdf0i9p42m_qzjeb3n8SI9ruU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 03:41:42 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R5NVBZMGcxUmY0dko1&google_gid=CAESENTgrC5Tz0hHyxcLjRWgogk&google_cver=1&google_push=AXcoOmRv8jifpzGNmgudzkUoTkUG-WQMU4NC-5hNIUqLQMEHv2xoIoR8thh977OBpCo4I8TEUgC-HSGAdf0i9p42m_qzjeb3n8SI9ruU
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 05BB 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEP3D1YTvte11vlSR7JJwXIM&google_cver=1&google_push=AXcoOmQ4svGzK6IFw7FuFgJRbG8eOqFwgiV9_3nXN6K6Xo-np7tPPK0G7KkWMRSag3Oq_FjPHAI-4EeX728zf-AibSgNiKExQWMHE0ck&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ4svGzK6IFw7FuFgJRbG8eOqFwgiV9_3nXN6K6Xo-np7tPPK0G7KkWMRSag3Oq_FjPHAI-4EeX728zf-AibSgNiKExQWMHE0ck%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8374644a38871e20-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 05BB
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPBRN69fWMa4KBE6miDL5LY&google_cver=1&google_push=AXcoOmQRw-NbY2_pnmm77XvYD8L4pv8TLm-qw8dmgVbSC1xjaWcb0WwoAWe6VKxxkDBCCl-gnzS5IsC5vMZCcdYwxDHip4M7zXbn1u4w
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2BED6B3CBC114743801263538F3F4ED4&google_push=AXcoOmQRw-NbY2_pnmm77XvYD8L4pv8TLm-qw8dmgVbSC1xjaWcb0WwoAWe6VKxxkDBCCl-gnzS5IsC5vMZCcdY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2BED6B3CBC114743801263538F3F4ED4&google_push=AXcoOmQRw-NbY2_pnmm77XvYD8L4pv8TLm-qw8dmgVbSC1xjaWcb0WwoAWe6VKxxkDBCCl-gnzS5IsC5vMZCcdYwxDHip4M7zXbn1u4w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Dec 2023 03:41:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2BED6B3CBC114743801263538F3F4ED4&google_push=AXcoOmQRw-NbY2_pnmm77XvYD8L4pv8TLm-qw8dmgVbSC1xjaWcb0WwoAWe6VKxxkDBCCl-gnzS5IsC5vMZCcdYwxDHip4M7zXbn1u4w
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 17 Dec 2023 03:41:43 GMT
google
match.adsrvr.org/track/cmf/ Frame 05BB 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEG1t0UhL3z1Rhq0F2IPsvug&google_cver=1&google_push=AXcoOmToILC9B_Tp6xx4HjIPto-xKtztS_tsfRwrdl16VkxikVO_DQwVvc2i9AhAQ2uIRn7yKA4UCvIr5uLq8X5E8v5EGrzXTslXI81t
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 05BB
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEK_RQfB6kkV8VZ8ATX49og4&google_cver=1&google_push=AXcoOmTt1JJH3LFYU0Wp7a7zuL8xo0vcdGC7wAmsoPM7gNrgANVFgINIZYJMchpfOlGtxraC1DdQXepuqn-5F5J4IkLenaeeSojNWlY
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTt1JJH3LFYU0Wp7a7zuL8xo0vcdGC7wAmsoPM7gNrgANVFgINIZYJMchpfOlGtxraC1DdQXepuqn-5F5J4IkLenaeeSojNWlY&google_hm=Q0FFU0VLX1JRZkI2a2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTt1JJH3LFYU0Wp7a7zuL8xo0vcdGC7wAmsoPM7gNrgANVFgINIZYJMchpfOlGtxraC1DdQXepuqn-5F5J4IkLenaeeSojNWlY&google_hm=Q0FFU0VLX1JRZkI2a2tWOFZaOEFUWDQ5b2c0
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 03:41:43 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTt1JJH3LFYU0Wp7a7zuL8xo0vcdGC7wAmsoPM7gNrgANVFgINIZYJMchpfOlGtxraC1DdQXepuqn-5F5J4IkLenaeeSojNWlY&google_hm=Q0FFU0VLX1JRZkI2a2tWOFZaOEFUWDQ5b2c0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
x.bidswitch.net/ Frame 05BB 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIKHN_r8pxSQZdALiJo5ciQ&google_cver=1&google_push=AXcoOmR8xPiW1A9u2YD2FrvUsbwsAmvnVkO0jBVUgiUFWyng76H8tvAJjFSVjQxllSlpR_B6__Q9cbP0guqowALwlT9Irxyh6ZiLMuY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 05BB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTPpHPN-fJxM5czQeHU9AlMo6QpTrxwZBkDOJ1C-7Qli0v6jSyGLlgClw9Dge-N3rH9Zxj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4180 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:10:14 GMT
x-content-type-options
nosniff
age
498689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4180 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:28:03 GMT
x-content-type-options
nosniff
age
555220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 17:28:03 GMT
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame F6BB 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
512973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 05:12:10 GMT
bg2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/images/ Frame F6BB 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/images/bg2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4239b363241ef7998e7657d7f704e44b6f39959bec3b10da75fd1d742842b47c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12141620464900969276/160x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 12 Dec 2023 07:09:22 GMT
x-content-type-options
nosniff
age
505941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33718
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 11:35:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 07:09:22 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame AC00 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 08:14:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Dec 2024 08:14:44 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 4180
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CIO54dr9_ZcCwK-Tyx_APxOSvmASftI7ldL-QxIXMEY3m2r_NARABIKHh9xpgleKQgqAHoAGszrDRAsgBCakCDqjL0mBHsj6oAwHIA8sEqgThAU_QutTVJEJuy33JyufdcjPbPaFgnnxUGO5...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2267782795486458658%22,%22debug_reporting%22:true,%22destination%22:%22https://immucura.com%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2267782795486458658%22,%22debug_reporting%22:true,%22destination%22:%22https://immucura.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22707536684%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214433656439089734753%22}&andc=true
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"67782795486458658","debug_reporting":true,"destination":"https://immucura.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["707536684"],"22":["true"],"4":["12-18"],"6":["true"]},"priority":"500","source_event_id":"14433656439089734753"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Dec 2023 03:41:43 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"67782795486458658","debug_reporting":true,"destination":"https://immucura.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["707536684"],"22":["true"],"4":["12-18"],"6":["true"]},"priority":"500","source_event_id":"14433656439089734753"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame 7257 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8968632188895249&output=html&h=280&adk=367633975&adf=401861485&pi=t.aa~a.935830049~rp.4&w=1138&fwrn=4&fwrnh=100&lmt=1702870902&rafmt=1&to=qs&pwprc=3016507311&format=1138x280&url=https%3A%2F%2Fgiaibaitap123.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702870902683&bpp=1&bdt=1842&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7353f2fa860ab529%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA&gpic=UID%3D00000d1e38ea9ac8%3AT%3D1702870901%3ART%3D1702870901%3AS%3DALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6075575744906&frm=20&pv=1&ga_vid=311068260.1702870902&ga_sid=1702870902&ga_hid=851941259&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44809005%2C95320884%2C95321230&oid=2&psts=AOrYGslWyq2DsHZw9eZ0CSGvIXC6EmTReRO0GI1NaZx4w6EB6zRH1nuF5wXIXcymNyUkgy5RKD0DIGpImOEEmnPQ1Bh8GvM&pvsid=490238894684156&tmod=995780098&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
512973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 05:12:10 GMT
file.mp4
r1---sn-5hneknek.c.2mdn.net/videoplayback/id/288b353bed5a094d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847095775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 23E8 		4 MB
4 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-5hneknek.c.2mdn.net/videoplayback/id/288b353bed5a094d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847095775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/05B5B069A11296CAA91563E7AC8C02F934FD3E7F.0F4C7F7C979002149F4E70AECB2FB32F7175180B/key/cms1/cms_redirect/yes/mh/8C/mip/2a03:1b20:6:f011::6e/mm/42/mn/sn-5hneknek/ms/onc/mt/1702870008/mv/u/mvi/1/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:16::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
e77ee4598730f635a325154e615a62a515c6b10c445497df7c5f3e741c24d0dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 18 Dec 2023 03:41:43 GMT
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4121907/4121908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4121908
last-modified
Fri, 15 Dec 2023 13:42:36 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2267782795486458658%22,%22debug_reporting%22:true,%22destination%22:%22https://immucura.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22707536684%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214433656439089734753%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 03:41:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C67 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bomvtdr9_ZZXgK8eXgQePra-ICwAAAAA4AeAEAg&bg=!9_Sl9LvNAAY3kmNgF5I7ADQBe5WfOHlyI0ugcIXveE3KK0uHkLYquf-xiKfTX8_64fgQrHMEbovOc9DEo1UjiJ_nij9VAgAAAIRSAAAAAWgBBwoAHHcIP5vjeGzjSyEHv5hHlUCfJ1NFFrCfcM37cQuZA0xlbfijzvdWUo1nev_jdmlXgiYy4mCJKTOga7n2bzykvrjFrGBKu2YOFkd3caEMq8uasWWKMg9nPK1PgRlueP6k5lqAQWT1G3w7CSuZX_DrNzqO3eZb54mQ2rMW3oS4mL3zMM-mzgYFl-MHnt_0gCFbHnrQaaK5eDuEPPHBPRLDQ7oPIMICEn2Gqy5FjyAP9xUF3t3zaEPpbd_tX3XwxVQxjNP5emUJhbZkPkGgSFsPBJB49d-m45HSjs2Ou77_S_aSRLRezLCPpWDkzdbWv6nx3lGS0-jm7WfzTnj71KkDFdJcxjQVO7BH3IOKKg8JzukytxKz2KZoS2jQebXcVkqQzE6mEEZf7WgNErGt4JmNiuZzk_4yCOlmUurQiXq6JBwlI4mD6lhg8Fkt6esh58DD57mfyhcV1kEZpfD_6KO1e8bRXTCtsm1wDzE6EIxD55GvLYFjLBaRXSXRevOskwWhRBUv1mRaK43u-cQzgyDbrRaB8ZSKOkqe3GYlaF-7oAQjaK4ziBTuvHO39hj_k9UcRP9Iww-j2lx1q1O7-liobW1NG9-_cRhpyWUiwq-OWxG4g96ojLY71ryuZfOBEgzz99zP7PJ0ZtQRlINfTrBVttJ7pgT_IC_-j7L3wiUWMckmL3Y3gogoQq3s0K2Up8UBQUNqtLupUL_WaJArk3Zd0DFdQLGTI7mc-Qu225xfLN__mJipBuUDJ0BCpA6tx0uMwlQ2WTzOQvELC7iELhIVg_N-ArmEPIhdtr0dyrfgM38mTgfQ1ktmcKdiNwXTyrEQgGbLyCOZLhkBGRMwBY-1wzOl5P53ZB462l9zrmdaGLVIR1Mfs_vOit028_UPnchz6ihpgiZHBmBUOkJTCaIAEI2WDOP0eCSVzjGA690Ls0bIjdQznIwTKP9pZH3ujMU-6ksolDlCzExyn-rt1YsZM_jY0J599zRVI2oNkj3wulaam7AinzWbAlNPmrkH6SHED60LccSF3GFNduPeWlL1tegPTKAuuz7fAlVjGXdARuO3gF_of8BKODzPfnuYxOBvv6yTUxtFrBAQ2On72_y4EGMd6R4e_OTbdIighZaPcEHtTvRraS6xaWTnsezIvqt31uybv9LHoKGK46-e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C8DA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm1H-mSu8LYeVjFb17VdGoaVBWIyOs-zoaWZ7H6nvkq5tPD1U0voqBKAbkTbhKA8yUH_dwOUvC8p1weZMFBeT7IZkTG1YTxjvopuclnZD1klZouxuP6gh91kZ3iLG26hWEXxAW5pmvYiUFkFEaye_A_39o&sai=AMfl-YSO3m0HIK8Yt1dz00bBkZC40Tb2DkKHCZSwc4QT1PcHFO_BFsjIMHwKW3mr2pfvcDZn-VKMjsadHIlqsARQabztwb1otFBiu_8lHpLEp6SL1Dn4xEp5K-Abr_Qun8oF8W09GdXFsEtmc6Xj5uCz&sig=Cg0ArKJSzCTAuIlucnPBEAE&cid=CAQSTgAvHhf_4enIG9K1zoPxPlN2CwlhHN05sl8NwbMup88ConmugWXOgef0deARFuUxP9V38Q9Hq2b3gQG26f1KyqBQY5DxbefyN9hSyHl5uxgB&id=lidar2&mcvt=1015&p=0,0,280,1200&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3290022505&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702870901780&rpt=794&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3333 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bome0dr9_ZbO9K6-d1PIPp7CU0AsAAAAAOAHgBAI&bg=!r6ylrOPNAAY3kmNgF5I7ADQBe5WfONkzQAIzP1rQkwOfS4o-nh4Kp-paB_TNfd4aXX9C24wh8VzNNVjuYM7evyFPHxjOAgAAAH5SAAAAAmgBB5kDUPv4YhJRIKpfWx0WgMDOh1fKBZ7IOenl7h-91R-1Mruz8iSYzfeZaI6ialk8SsvZmOc1TjIN3nHCCQuhxj_ehIb5JQhUS1ZAvtsZK5n8Pi-aPZbrd0aFePp2j3OwTfTZcT6QnlQwatZeYMWYk8KXi7Z-cutrlJdWvM81UEpYLIzyiL2zKMu7Da8pmoTNIt29bS85Yar1iff7tCvge1-v9y4F_Roh800J1KVCGtdZm_-klVv82eB85ICiDQrdCVtKVhWidcLBcITHCkOR_UpZeVoDQ0oo0qYXa3Xc1NJnNvj6ERgi_MrqRtawi8PXPawnVrUISCsxxBwPO0m6ZgLeiaiYrHOD6BklZrKkcHRAjc58JkIoyqIzcZg9nxGtPLmalkQo7u7L1j961q_4npRGhyRwJ2lZraR5bY0luaFDl_S6cnTAIseTdZfcfTLso5SqcS1sHxM9V5x3O1Ue7srvuDynjMpFkQSVdaU48c3Whmab8i7fo5BXqxm2eqzhMRbsKp4N9zEwAUnErmg6kLVd1OpaM6REh8zHs8MqSzL5YgGAyt6anG2h8hfj_7QJi7CHNnXxM2FOQSCcLixuZ_LaFlEKGZyf6QdEmVQMPqiwnRTM9M_p7qvgKFBXUMXQx_1mRN15xpa4Z8uVTz0Gp9VjfZ0yWa_WGYmcHtvt36iLgHy-UDz7uE03R84j8bFpjO_0tBENARfgB43Os4J714i61eSkmEQ_E1AkJ0RXaWNxx02KfehsU1ZArz13IK1KJn9dDRR3PoT3cCbExFDDWHVv6UFE2XSrsPH4_z181pgxvAgOYH7wbjFEcnaNLjyOMqk_HbCVsJuwhTom_vNRx-QmdGHxXZ1gmH8juZ5Ky8Fzs8vqjgeH7G8kbGw0mg9Xr2_i0_ANHWHBbAgZOEaO0sfhfr6sDjCt0y9InVJNtMLeBImd3iKqJVW9gABi_ss_jyV9nhh7-tjDShi-54JuEbo0dTIKnSxXCpu2CCPJ_IcLl376gkD_UqZNBrciStl8gDbf3kwFdhXPtToOKlo2Tdac_GDmohst5ZyeqzRfuaYB-1TDPN14vyGkcqE8k86byJ3JgJybJSA5vFp0N3a1AcfqZoIpUj-rVTjTbJtI90envZpG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC00 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BU0sjd79_ZYGEDsWO9fgPlZ2fWAAAAAA4AeAEAg&bg=!trWltfrNAAY3kmNgF5I7ADQBe5WfOPM95VtAu6HumjAgXB8VdhZQN-U9M-ohItz2fd6LmN_zmriso8TFMz5Hmfgi_1jiAgAAAHdSAAAAAmgBB5kDMKFvECfctUfssk3yUVQTvmiWMwIB_Uq1v16ArPpvFAyHQDMSi6VYJm_1duOaR5uh2xCbsiiM5O9huJnPLirjhn6e631kf6K8ObDCiNpuTk8QQMRz6oIgA_F9I11ab6q2xyvawz5gOj7ysiLj13Lo3B-ahY_CbUlMB24_Z2YEv5vjgI4Gnp0y5CH7UcM5wbZ60RYx690g-h768fjY2UzFynwmxkJNbRIf7ch0iiuk-sHawy3lPhTw4Jy3mIgUmeoG7HIuU65CkbCYyQOQ4qelQiHl9MS6UkR9JKQ9frGalCDNnHrJm6qmijsSDvK2L8isRbO9sL3PokkueCnHxiREWk885MkI3dZI01r59NQMzaQyMjOW8RhvrhSHVrjHzXNfRB8S0Q2qI_ZtlFB88VXyOMyqOTr_oSPX8VMEeEqYUz2LOqkV6thG30kw8UNos44CGSoPS_7jjq3DFuX6SMlXgH9GzcfXuX1uDcl1fNLlKx_oBP6L_d-lQs9UA9ekLRKDB3p_5PSC0TD-91PM6OaLyra60dn3GfE6xzA9Td1m4dc5fO0kC9N6sI_IA8Fj5iReyGg8_dVVXyZf3T0RVH19K9jLSieLeOQW8Af3upbDTUpbzBr8-JMdeadPPcvtbhTmjuKUUuMebT4GzX35r9IUIEyhYAxcNG-59mzQsTjZQRZFuuU5t2pWQtONZ6syGDQS51dyuJ5awyOyPkU8zhlk6eZUZ9J1dpj4Z4mPPzmC5LL_NQH-IZk5jB3yxOZGXzT-2v4jcF0-LTPlYKsAComEL7lIo1A_UleC6YuW9XZSZKyXhOE4oC56qHN5wFgVeoMiKk0LMxFcW2cVQ8nP2TKKt07DNSajD3_CZSVZ29XfaYQOd-C_9yxQ5xomEZhexqoZF2LILzKasiEQOo75EY-ySZvkVplY3mYpiqfZPLu4F5mgAK8WqK6YRuHwX9qUNgBoSOF0RKCMooPqF5mv9SzvIFg7VSBZQxXjwhm082KB9TrjvflA9a8XJgyuuc5Gu7_OjSB052da-gQH9Z2mjj2iQrKbHdYhVRQztAOsOFr5hO-kVDtGq9Ox818Toke1h_YE6w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIwZukuoiYgwMVRUcdCR2VzgcLEAAYACCZ3PViQhMI46TNuYiYgwMVvTRVCB1C9w2g;dc_eps=AHas8cAS2prvjk1UJpEipP9zhGctijE9oXqhMYPeO6nR6x9NadQKYUhtauwPIhnXiYu6Qk5aertIqmI;met=1;acvw=sv%3D959%26v%3D20231113%...
ade.googlesyndication.com/ddm/activity/ Frame 23E8 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwZukuoiYgwMVRUcdCR2VzgcLEAAYACCZ3PViQhMI46TNuYiYgwMVvTRVCB1C9w2g;dc_eps=AHas8cAS2prvjk1UJpEipP9zhGctijE9oXqhMYPeO6nR6x9NadQKYUhtauwPIhnXiYu6Qk5aertIqmI;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D881111054%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702870903674;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 23E8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CJcSadb9_ZaOWMb3p1PIPwu63gAq4gP7qdKX0xomFEorRo-2-ARABIKHh9xpgleKQgqAHoAHl16mMA8gBBakCDqjL0mBHsj6oAwHIA5sEqgT1AU_QEY_gm0aoTj0i3rLUQ3R_PEn3smpYFxaAt35sGHPbtKpt62CTGKodHewYsK2QhAopluho7xaNQMC_pZnqO0XfUV-Mnmtd62sQvW7OEiFQRqIy-TpWmEM6JMxVztvPXe3An7VbKUDwA1U8balVni3WSkg6GezUr7tNQN1HIv0xmv_1RILHjzNrppgSU5FOH8CWVW3oY7KIJEPAi15VTKZFuMjOGLSou0Ix7J6DQzHJLNsRsbs0OGkJeMpJ8r2FuUIzjDx8bXGHOozdJ8sRcXRnt3vJbzm3drwG2UftJx0qiNTyXZHcwLubibFt1AZ_drq1PldAwATe5bSGwwTgBAOIBeSB7d5NkAYBoAZOgAeDqNZzqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY8IHNuYiYgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATmYv2FdATANgTDYgUAdgUAdAVAfgWAYAXAQ&sigh=KBvcZisvuBQ&label=part2viewed&ad_mt=3&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D881111054%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702870903674
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 23E8 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugF4jWLKqNa3kqjjRefy1RTLHroekIIGdqBTYZXVBPYdzMKSuWYQR7MVdYu-a6JplM19dJyO9XKhYqyDS-NSoIW2UsQH_yuXxGxf-Fy7awYR3CekwcRplOxKI0xIOl04UW-v105jsiMKx41M6ZV7Jql-QLjn9Rg9qQkLGrCiUtq5obX-bhiwpu4BL2VDuv06On11oUTWdwB0-0AO_B3-9u7dFOvYBTBt6f4TEyRIPPRZ8MsGzdVhXn1NOAbAkvl6PtlbxOt8mPGhMhjKG1x9pZril9MtKo4gIjbGOh3sHJEzsr--5dvJg4PW_XpWH8EZ-oeBBOLt2RtiXxRHr6f2vA3EMqw0e3KYgYOd2nZwhPVW_6bCmtJAiVcZgbBzO6_0oe9Hl-Pus6k_ARSxrF_TcVn4zDg55Md8l2b7EbPoDh90ptPIGj08MkuUOX1jivGMqJgWr8EhT963EKtF7qFM9jaTL7PPZKtYDFS2qZ35iilZKO2a_6mcdKGgJ8zTtJiheYQaXMDLMIFT7F6UCA-SUTYt_8HtptPiN5zykiNecLSUj7p2fEuNySU5uRH1to9IP1X5fDH98up6zG9B4-oHmcJSDu4mCcEgsC2mpSLgxlBKWFnS3BRiWvJmxL5cYaeuTCPZF4sGy6ufl63mUPn2r35GWbandOI6LPTEkhRFiMku_80ioE5XVDFormnEzNun_QW0yUb9PQzqPlsfFhlp1PlVKWYnNYP9JAn1iUqUIMHkAmgE7K8MVT4uGbVTwndFgBHsBFAHKCXsHZD-ZFGIjp7VrXd5ucGHokv9zoPrcxDgtt1vMsGjgy6jzJKzs-hGcTThtpihgiG2ZKGqHwCHrZDqL3nzp6qqVBmC71Kg-KcrcP-co_RgeiAx7QPWEovKgsMZsj5-uSafgA2HZlR48TuP1TuOTrD0abxK3TPAHpsb0j49bwf-97r4978TbHikrqBQVX_mE8ubwUB9Y2XI5Q0Ap9l63PWtOLEe_qaHS3zSSbdWpVjNmfJ9GkaMQMYkvMr1FaSrxsw9t30mgmUwqew7GI936HJAFt6H_LfBAKFNsR-Mdgj0EEe1aJOiwCchEhcK2LfeNkUYyqt8jUyUQoIImKnSyjlGhpy74K-TGkANzU4FWIClQpdeFunnfCE1ijWfJbG0SdJHw8bqJ2GiesT5o2N6MMMBvWg7_OUUSq_PCAySOD3ApYQSQSqE6LihstDrzLDlhnSodjkOTeUBLNREd09LQRBZlsvaVvcQJbQB4trmnf1j8AxqI&sai=AMfl-YQRor2AfGf-j7ffbUEj2wvGSC6WVq7zy0S7aQf8-3fOk06w4sIo6TvF-knygc5Iu9jqxKKz7-U2plTtPkWtTU9PF1gx8BU1y2RJ9n_zFbzYOCgWZmm_iSVZW-5FvMUidKlEL9ZAf6kDPIogj2CxxDv5FpZvtuP1ggNOQ3JGu8pBuzc9ltk6j6hJ6Pa6-PGUyU6IvLn35_lkHbASOUMuHhU2xHX1wv54JS7Yzh5GqDoYXw4-DvMK2a6ax0-h3oyvCZZ7tTBxngpM4tTMvr15zYa2y-EdyVZS7AsHYg&sig=Cg0ArKJSzJo0JW5LykhjEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 23E8 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY3czKgQIgATAB&v=APEucNV8azqqWCqf9D4ik3hcDpBrc998iSDbDj1BgY_2GmGjl5KF8lqzLJbIzldYmeNm0VxXiigO7QXm4GMKzRTDmzj6s7CEYw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 23E8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 23E8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMzBxNT54annSLQuW53V4cyhw-c1yY-ozqpKbrkYr6yeAPMw0BnSOpPL8CpXAiw8SkfiL46lExvBhjWeiGuJ8d3UFp3AXgmrbT2WPiH51unCIUhVulrVdaSPnqAiT31VnYRyW_hjWJYFx33PwO8IFxG2AC&sai=AMfl-YTX8QjuC0AwIv9SRm9UahgOYP-hrznKWTmfvymNx3B9ThFsF7vazk4iuqUL0QvAL3uP_KIO7-cXPfEYLmjC4PR80UzkMDc8IEa94jhqToEHMi7U2CkGdTY8lbb5kedBVWR32brkQE9E0ZNEmk2r&sig=Cg0ArKJSzA5Im-CCk4OzEAE&cid=CAQSTgAvHhf_Rd8U1uVxBO17SBeYeuBQ7uNIWKIspngGNIoveWwcG-mL7YxWeQXlcYyOeyJqREiDVNoMYXbbC_HyCMvkHjcKqz6bRW8_8v6t6xgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D881111054%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702870903674&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 23E8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CJcSadb9_ZaOWMb3p1PIPwu63gAq4gP7qdKX0xomFEorRo-2-ARABIKHh9xpgleKQgqAHoAHl16mMA8gBBakCDqjL0mBHsj6oAwHIA5sEqgT1AU_QEY_gm0aoTj0i3rLUQ3R_PEn3smpYFxaAt35sGHPbtKpt62CTGKodHewYsK2QhAopluho7xaNQMC_pZnqO0XfUV-Mnmtd62sQvW7OEiFQRqIy-TpWmEM6JMxVztvPXe3An7VbKUDwA1U8balVni3WSkg6GezUr7tNQN1HIv0xmv_1RILHjzNrppgSU5FOH8CWVW3oY7KIJEPAi15VTKZFuMjOGLSou0Ix7J6DQzHJLNsRsbs0OGkJeMpJ8r2FuUIzjDx8bXGHOozdJ8sRcXRnt3vJbzm3drwG2UftJx0qiNTyXZHcwLubibFt1AZ_drq1PldAwATe5bSGwwTgBAOIBeSB7d5NkAYBoAZOgAeDqNZzqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY8IHNuYiYgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATmYv2FdATANgTDYgUAdgUAdAVAfgWAYAXAQ&sigh=KBvcZisvuBQ&label=vast_creativeview&ad_mt=3&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D2%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D881111054%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1702870903674
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 23E8 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lqadda7m&c=8463698434257&slotId=4231849217128.5&qqid=COOkzbmImIMDFb00VQgdQvcNoA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1997&mt=video%2Fmp4&vs=1280x720&dm=15000&ple=0&umsem=0&event_name=first_play&asset_bytes=198536&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1go~ff.1gv~videopreviewstarted.1gw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4005:400::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=490238894684156&bg=!HR6lHlHNAAY3kmNgF5I7ADQBe5WfOGLf0jB5DX3WZ8KETN6iP8W3AxcEWAG_JRQhbjmEt6KQPt9oBtTV2eLIoTlz4GDQAgAAAOJSAAAAAmgBB5kC9kTcMdIvGab9qUbVk8rbZQFEzJs_lxM9dskR8Qzqsr504pvP0Jj-2K7GjwEno9VdJtolmvjOOVn_5hD4Se8ufv9uqR2skXnwU3aoPdBNw6SjcKQOwDhlLCsGWXyDPnDxiwPYNxifK4Jr_HJvx6uqUVOOKZbnf3nJcguuVGB6n1cJ2b17tdW95Y3_l73Pdn67Z9vunAANlkwaaJNNOwlvg0JYk_SPKWu2LZ9geegzwahcjCnlE8WI06OgNd5uwo4_DWSlvPtB_D9NXKBwlVYyQd5-EImrWniu7UgEwK-7F9ECHz6etRTCcK6uMPQZlofIC9dyj49t157ARlIB6Jd3Uzc26IKhZiq9RcyWnnUsKUn5CaQUQeVDpyuPv4Zse726iCS-BZwBBnMmbiB6sZJxtzZSerdKdM5i8M_VHTRpQzDaii2SBxw7ONUD-M0kqIEEVEq9zykupXUDVYsdLogCwhelYryEf8X5Gmx-LMvhW4MWfOzsbs_rBIgzCAHmId0bHcBMxK_ZzFW-ADalMvrvWnhbrez0gb8dzT6T7IVQERYC6Zm8Z0HwpLlzm7dTgAS4rzQNSIBviagFq4Ngtd_49DiX5yysD8CpIWJRavX_b3SEOuEt2tYSgtW9Vs5CVFsHScsAHNpGA2HEPrDup9-rc-LWtmW_jlUjLtBly9WoHhyUUcoZTf5vJKcOvbIfJaEeclMJbQud12Q-ufcXx20D-5zGsRdnweABOqyLebzcCEsJF2rZoch6DoQJGMv7Ubuo-PBk-fgZox4SxDGKJyoZtzA8iQFupuGHz4kSL7l-091qZ58Zes_ftJhejmrMcETJ0OpTJFgE4sPYkErRRygrochlbdhWGuMx1S0hj26CcLFSOO6zqeNLEC7iy78KUbvd9MmZ6pGm44jYrhOJR459jdZeThvZlEVk-ywBJh9myUz_dqDBp8V4oxZ5gCTDZCVfsnkIMXkvJU8aOtSONF0DuE8f6D23C7GCWynEoAN5gVL-cfuYowev
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giaibaitap123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 9E5D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDgifnt7JnTn9GOj3De717Ygs7USziRMc9BVefKqS3uhPzaW6p4jrjXHYXYSsmYWhIeL5o9-nLmGQK1fsTBDuUJhBwzZkWsHXMB_cBzzE8b10wlOIm3CMtm2U1v6tD3GtdftXeVeNoYhVUpnrJnVPuP5vbveeCRDlNgHqBXMvNEQFIpPTU43c&sai=AMfl-YSFnAAoXgM4c87L8oNHDkxVNAr5bbfUkRuwIwrvqpt13rlTvWdTWg_AoELylkFEI2DDTV5tlpR39A1HQnoL5gwvEX7eZdRCZ-DigPE8QTAPFh-iBD2VbZ0NEBq3OwMVd66zRxjk1jKsOBm1yN89&sig=Cg0ArKJSzPPcpnFRZO3XEAE&cid=CAQSTgAvHhf_Rd8U1uVxBO17SBeYeuBQ7uNIWKIspngGNIoveWwcG-mL7YxWeQXlcYyOeyJqREiDVNoMYXbbC_HyCMvkHjcKqz6bRW8_8v6t6xgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702870902861&rpt=110&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F0ED 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstx6QkK0sP6x0Irf57X-HPoC6ZzpeMBDQwJsAbJ6VM5QWJisDvtiT_Oih8LwOgs3mltuYgtWI6SfSR8RyZGjVS7DXpHnmNlzqofybx8Cy8pyfKit4Fa4OYmG9Kf0DjuBIkO7TZ7ZGLQHd5vgcVhhYnud73i1Y9MdX0ItqYKSANS_ZNUwmCqDJc&sai=AMfl-YRpzSvJbghenl8HuPKU36SoN9waX45ZGlbUIbZeqr5w0uN3XJJUbVjOOoolQoke4ml7RNQ6UgecjDXxhyao7HArZuHccwwV0SpqZKB9G0cWHA3Si2DkRmQ6gWKRtO74MLwGoHh5OoTehVtg2UFT&sig=Cg0ArKJSzKCp-yi8_DJNEAE&cid=CAQSTgAvHhf_Rd8U1uVxBO17SBeYeuBQ7uNIWKIspngGNIoveWwcG-mL7YxWeQXlcYyOeyJqREiDVNoMYXbbC_HyCMvkHjcKqz6bRW8_8v6t6xgB&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702870902802&rpt=182&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 23E8 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lqaddaio&c=8463698434257&slotId=4231849217128.5&qqid=COOkzbmImIMDFb00VQgdQvcNoA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1997&mt=video%2Fmp4&vs=1280x720&dm=15000&met.4=vfl.1k1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4005:400::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 23E8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMzBxNT54annSLQuW53V4cyhw-c1yY-ozqpKbrkYr6yeAPMw0BnSOpPL8CpXAiw8SkfiL46lExvBhjWeiGuJ8d3UFp3AXgmrbT2WPiH51unCIUhVulrVdaSPnqAiT31VnYRyW_hjWJYFx33PwO8IFxG2AC&sai=AMfl-YTX8QjuC0AwIv9SRm9UahgOYP-hrznKWTmfvymNx3B9ThFsF7vazk4iuqUL0QvAL3uP_KIO7-cXPfEYLmjC4PR80UzkMDc8IEa94jhqToEHMi7U2CkGdTY8lbb5kedBVWR32brkQE9E0ZNEmk2r&sig=Cg0ArKJSzA5Im-CCk4OzEAE&cid=CAQSTgAvHhf_Rd8U1uVxBO17SBeYeuBQ7uNIWKIspngGNIoveWwcG-mL7YxWeQXlcYyOeyJqREiDVNoMYXbbC_HyCMvkHjcKqz6bRW8_8v6t6xgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,159,119,368%26tos%3D2001,0,0,0,0%26mtos%3D2001,2001,2001,2001,2001%26amtos%3D0,0,0,0,0%26mcvt%3D2001%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2162%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D201%26dur%3D15018%26vmtime%3D2168%26dtos%3D2001%26dtoss%3D1%26dvs%3D2001%26dfvs%3D2001%26dvpt%3D2162%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D881111054%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2001&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702870903674
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 03:41:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| $ function| jQuery function| Popper object| bootstrap object| adsbygoogle function| gtag object| dataLayer function| scrollFunction object| __gcse object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaGlobal object| gaplugins object| gaData object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId number| googleNDT_ number| googleAltLoader function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| GoogleGcLKhOms object| google_image_requests

30 Cookies

Domain/Path Name / Value
.giaibaitap123.com/ Name: _ga_95WRFTKV2G
Value: GS1.1.1702870901.1.0.1702870901.0.0.0
.giaibaitap123.com/ Name: _ga
Value: GA1.2.311068260.1702870902
.giaibaitap123.com/ Name: _gid
Value: GA1.2.1844368015.1702870902
.giaibaitap123.com/ Name: _gat_gtag_UA_82393458_3
Value: 1
.giaibaitap123.com/ Name: __gads
Value: ID=7353f2fa860ab529:T=1702870901:RT=1702870901:S=ALNI_MYCtQFWZxGs1sHKaxFXlWJocWMDyA
.giaibaitap123.com/ Name: __gpi
Value: UID=00000d1e38ea9ac8:T=1702870901:RT=1702870901:S=ALNI_MaK4-PrXfuMLXk_OegfJzbQn1n7yA
.doubleclick.net/ Name: IDE
Value: AHWqTUndToI97IjLQYUWPNm1MZJijZd9ZryY5cIN0RqIQrdTp75TXI71lcMyRsck8pM
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMID
Value: ZX.-d4mZ5uyZXnNkgFGR.AAA
.casalemedia.com/ Name: CMPS
Value: 3193
.casalemedia.com/ Name: CMPRO
Value: 3193
.quantserve.com/ Name: d
Value: EGoBCQHYKoEA
.quantserve.com/ Name: mc
Value: 657fbf77-2fc20-b1750-7e338
.adnxs.com/ Name: uuid2
Value: 8339952614065626371
.adfarm1.adition.com/ Name: UserID1
Value: 7313774837698525341
.turn.com/ Name: uid
Value: 4038552451218282690
.simpli.fi/ Name: suid
Value: 2BED6B3CBC114743801263538F3F4ED4
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22AABDAA0A-0CE6-413B-3513-C8EA68B903FA%22%7D
.w55c.net/ Name: wfivefivec
Value: gty5PY0g1Rf4vJ5
.doubleclick.net/ Name: APC
Value: AfxxVi78buLNSgojT_TW8GWOukJQKXPdSTgK1IMEMxae2PZ9z8Lx_Q
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.blismedia.com/ Name: b
Value: 657FBF77FADB31C96D4653DDBLIS
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In@s+-Js!]tbPl1M>e)ZlrFUfJ+tGXvWB?82zP_!7+sZjcRl<svN7IJqW<YZUZVx(ULy3If)y3KL9D3I?-MwB<b@
.adform.net/ Name: uid
Value: 7243054177051613822
.yahoo.com/ Name: A3
Value: d=AQABBHe_f2UCEP5ikuFrWXUets9gF4mTXPwFEgEBAQEQgWWJZQAAAAAA_eMAAA&S=AQAAAkabdhmlKWAu7gQZ6rJmbng
.agkn.com/ Name: ab
Value: 0001%3AfZjFrv1MvCQWmJbaibo9MDcnpr9w7AiO
.agkn.com/ Name: u
Value: C|0CEAtEnv3LRJ79wAAAAAAAQ13AQCAAQpAAAAAAA
.tribalfusion.com/ Name: ANON_ID
Value: a0ntuJS3n0gryoxDmDmSUZci65sixYZbCJmInA2iTZcABwWYELqgk4dFZcRM3Mek2PxBEh6jBV68t9yTeJ3HkUpH2LMm

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.travelaudience.com
bid.g.doubleclick.net
c1.adform.net
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
cse.google.com
csi.gstatic.com
d.agkn.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
giaibaitap123.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
match.adsrvr.org
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
r1---sn-5hneknek.c.2mdn.net
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
us-u.openx.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.18.36.155
123.31.12.182
142.250.184.194
142.250.184.198
142.250.186.130
142.250.186.66
15.197.193.217
178.250.1.9
185.89.211.116
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.58.206.34
23.32.185.35
2606:4700::6812:18ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2800:3f0:4005:400::2003
2a00:1450:4001:803::200e
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:400e:16::6
2a05:d018:d29:3602:97f5:4393:5614:bb1a
3.125.137.228
34.96.105.8
35.156.190.4
35.190.0.66
35.204.74.118
35.244.159.8
37.157.2.228
52.28.181.94
64.233.167.157
85.114.159.93
05b98e7d4e24c87832915625503503e27c8a8bab18dbb6e5e7360f1c0de9ec8e
07f96cfa5250260a2bac918ae9d7834b73c50f6134d21997c3d9c49eaf395afc
0940ae89a72520f3447d02ed54337a03c0f5918bba7000bd0a26429962146bd0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e5fe2fe410b47001315fd3172919f4db7d7e191bea0432fac15a86fc27c0ccd
1efd07c26304aaad1a9692160072d9626f77835a28e1f795e0419845c326f89b
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fd5a07eb23bcbedc8757a93e398129621aa5dc26b464d6c7e3716429d822f61
26cc3c39704437f4d34cc01644fcfb2e9a18b6e4b90304163a36b26f3abeff2c
2742a825212212d07c51273076d1cf775c99a5e350c5552e73ce474133ff6c8c
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2aa140fcf3c6e9909bbc07a828afba05b0566d583d3bae2653183593b560b10b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
32450eca6bbb7f16ab5b4c97c27e7c9678eee992aaae57178f8758e066f2d656
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
378ce306447fd7d71cc3bc82c83afefb63efbbb8611650c632aa46a5b7f63c34
3bd902a66a2e9f74ab0b0f8d3901ca599781a222bfe0651f9d19db2463befa6c
40d2e679ba37486762bd9c374bb6578e4ec5c3e5429c5bf5b7c630c326a1cfc3
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4239b363241ef7998e7657d7f704e44b6f39959bec3b10da75fd1d742842b47c
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bce4a51c6d471f58c43ef7efb862df20ff81ce2cd3e9de1df072403bc61a1b8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
518930c34ec93c58c4da1a0bb12542d4a03026f12ec46663570a85999ac5ac25
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5ed720dcd693aa9e9324e8e0ab23b7223064871db4db3ee89ddacd8df78fbe9b
5faa1b094a8f190e47e28ffcc8cd9bbb77c08c71f99e14338a5b1e113b936635
6079e31ddac806e4a6501374c3f38344efe7ed43b058e79379a12032ed3d549c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b726099d4a7e43b1f79dea41b13eec1dcc53e1c96b390417faa7c3d94798da8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f8f992173f5da429e5285538eff91fce7e1b2eef3ee2d53e88a03b85565f172
7926743226557b29e8ea9808bee35d4d8f58a679058d8717232b12e21eca278f
7be248502944ce70993e448a8875691ca03ce2a36945b7a32339ebbc2b7e85de
7df0df8b3df8c42634ecc71d7ab35e197c61777eb5b41a3e14239322b5804f7b
7e978c44f2966cff2844d74630a17a05947c1e91e054df49bba9938c91e0519a
81681dcf0703b946feff80d753c359af4f4d31a0991962ddbc534af446fb7a64
823261d90759c7c372198077af4ef0bfef463ce66473614982a2a8a069c7faa7
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
929441372fc2739abb378ebb95718a37fdc288d0aa143512ea236079c0bc6290
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99e457908e27e22a07821877621ce2538b6ba643dd7cb8295afe33e385a6e8b6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
9f9db9ac45f57d6bc72039aae2cd3ab0e4c951327f339c41baded58c2091ff32
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02263cf75c29f80fdb1b381769cd5ba8d13287b4c370eacb3bbd6df56a92912
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a713dd456f10b1ff2c3a445d44c70f95723e94a7d3fec131a9ef1201d8f76c38
a8578e513243a34f4b4cb68eca3fead974bf7255b738a68bcbc88485924ffeb3
ac7f343d244a9728cbb9c1d59c6d69c6c4eb4c32a8f2987054d8714ee3d969f1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b514af54d6e542fa59a2315392ba85ec1959e5d3813b27eb50c8b2e196782e77
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c194d7dd2699dac26d13747262ac7fded4da853ee5047a97c78c637c5bf86e80
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c538620915fd2a1dc01a63706bc54653ec19f4caee9f08cb983bc66b65b290aa
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
c5be42e117359b36390b264892f3ce0255da3d6a8b31555d573d45f15d0463cf
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
cd98ba24c35076eb7e4ea1e8a9c16d900c373ec1916b59e91afd02cda6393ac7
cf42e355d9d64c6f26a3171248abbf3d1bae18f071fab55a98189ee705c9d8e0
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12b18718a75e2bd7790b49b0da5467da209942f1c51ded9e680cd6f21700f51
d50e47b16cf1ca158bdf205cbdf607862902f2d7f797b6fe5fd0b85f9d60dad4
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e77ee4598730f635a325154e615a62a515c6b10c445497df7c5f3e741c24d0dc
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fbcf255e0a0775df307e7e5012a68117c5af8c0801e821c56b7368231000c155
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48