URL: https://style.dongvatmuonmau.com/
Submission: On January 13 via api from US — Scanned from US

Summary

This website contacted 19 IPs in 1 countries across 10 domains to perform 120 HTTP transactions. The main IP is 2606:4700:3036::ac43:cd19, located in United States and belongs to CLOUDFLARENET, US. The main domain is style.dongvatmuonmau.com.
TLS certificate: Issued by GTS CA 1P5 on November 28th 2023. Valid for: 3 months.
This is the only time style.dongvatmuonmau.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
40 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
497 KB
22 dongvatmuonmau.com
style.dongvatmuonmau.com
343 KB
18 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
bid.g.doubleclick.net — Cisco Umbrella Rank: 917
165 KB
16 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
www.google.com — Cisco Umbrella Rank: 2
72 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
116 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
141 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
4 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
3 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
gcdn.2mdn.net — Cisco Umbrella Rank: 1402
r5---sn-q4flrnee.c.2mdn.net — Cisco Umbrella Rank: 112428
30 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
195 KB
120 10
Domain Requested by
22 style.dongvatmuonmau.com style.dongvatmuonmau.com
21 tpc.googlesyndication.com style.dongvatmuonmau.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
19 pagead2.googlesyndication.com style.dongvatmuonmau.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
style.dongvatmuonmau.com
googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
5 fonts.googleapis.com style.dongvatmuonmau.com
googleads.g.doubleclick.net
4 csi.gstatic.com imasdk.googleapis.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
style.dongvatmuonmau.com
2 r5---sn-q4flrnee.c.2mdn.net style.dongvatmuonmau.com
2 ad.doubleclick.net style.dongvatmuonmau.com
2 imasdk.googleapis.com style.dongvatmuonmau.com
2 fonts.gstatic.com fonts.googleapis.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 s0.2mdn.net googleads.g.doubleclick.net
120 20

This site contains links to these domains. Also see Links.

Domain
mythemeshop.com
Subject Issuer Validity Valid
dongvatmuonmau.com
GTS CA 1P5
2023-11-28 -
2024-02-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2024-01-02 -
2024-03-12
2 months crt.sh

This page contains 18 frames:

Primary Page: https://style.dongvatmuonmau.com/
Frame ID: A9FDDAC23E0C3D809C7A9C885F648990
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 26F55C7B68EE3B8CBAA72A1AB9EA00DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3301618245730379&output=html&adk=318159125&adf=2184669829&lmt=1705181134&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fstyle.dongvatmuonmau.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705181133914&bpp=5&bdt=326&idt=333&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7576228514315&frm=20&pv=2&ga_vid=363925135.1705181134&ga_sid=1705181134&ga_hid=1047975573&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31079437%2C31080223%2C31080259%2C44809004%2C95320888&oid=2&pvsid=2670670435242326&tmod=1099198662&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=354
Frame ID: 71D7394A11D1B725275138E5DB05EA1E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 9D41822E1AB0E6F4F5CCA3113DD2E550
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 1CFF391F3F95EFD10FE046118A6545F2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 223F25CB25253836EDE0D937F160C309
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 7107C0D228BDD13852C50D8670558BD5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Frame ID: A0FA542B6766E586CF9E4DD1CC3D08A3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGJiuyPcBMAE&v=APEucNVV_jF2dJf923wywXpKZwoepwCqB_xoJiEe36-Jdjh_K5pprF4FVFcoMK18yiZt5INUb5Hr7tWc01jxBHkSo0b7fywBYA
Frame ID: 930D782C8A534A3B3544DE3729348EB2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Frame ID: CF12239603E78CEA48E4F196DDE585E7
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2EAC4D4A75289F7A61040EA2EDEA5056
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F5CA41F16F917EF832E79916EE4267F2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8DAA2D18BC7AE7A5F6BF68F055B51EF4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Frame ID: 527F4A9EF707089C03F0029D6132C64B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 591ED9BD94E0C4614EC485945BA851BD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Frame ID: F9CD92EF073642931AF925C20AA468E6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DDCF4676F6073F12B6CDDBA3BDE5D095
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D738495991D7DB98CAFF8ACC08AA3B8
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

style.dongvatmuonmau.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

120
Requests

95 %
HTTPS

79 %
IPv6

10
Domains

20
Subdomains

19
IPs

1
Countries

1559 kB
Transfer

4338 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPEsYaWgfjIgaHNLCqHKP7U&google_cver=1
Request Chain 73
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaL-0Gt-souFWvR4NQWJ0wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQATRir8SzsTKcrdeYMB54&google_cver=1
Request Chain 74
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE72Cqv8QdmH1yGCoAX5B0o&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE72Cqv8QdmH1yGCoAX5B0o%26google_cver%3D1
Request Chain 75
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4MjM3MjAyNTg3MDUxMTE5Mw%3D%3D
Request Chain 80
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 86
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 90
  • https://gcdn.2mdn.net/videoplayback/id/4cbdceca4294f890/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848831600/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/954A8BDE689E575192E3E1969C724C519A53D2F7.1BA2626D00D4D80A556AF9419C1FBC81FB5FE7E/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-q4flrnee.c.2mdn.net/videoplayback/id/4cbdceca4294f890/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848831600/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2A5CE9FB04E42691DDE8FDF36F205998BFD61AD8.8277C0601D2D376DF0526E5B7B85D7011A8D9764/key/cms1/cms_redirect/yes/mh/n5/mip/2001:550:1d05:1::6/mm/42/mn/sn-q4flrnee/ms/onc/mt/1705180054/mv/u/mvi/5/pl/48/file/file.mp4

120 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
style.dongvatmuonmau.com/
52 KB
9 KB
Document
General
Full URL
https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d48110b078444b07fa296d8a7e490d8116f7972eea66f0cbf49675eee0adf3a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8450b663bab47442-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 21:25:33 GMT
link
<https://style.dongvatmuonmau.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2B%2BGkYwZZsvIvtKk0lPq8u%2FcsWzl3RYx19BOvZV2KMxIrgZrXL15IGBa4ODipYfeqWVBGvLh6djJil7YK4rBMvrPCvYymzByR%2BoFpqEJ34xx261vBTUe6jLcdgE2lU9I5xJ7ChJGFLiJkVa5jy8kubv%2FJwT9Vsw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3301618245730379
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73c4455d1517652b0015ae7c4638d411928039b13de570e16cee76d09048647c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
Origin
https://style.dongvatmuonmau.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51193
x-xss-protection
0
server
cafe
etag
8714311633610179758
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 21:25:33 GMT
style.min.css
style.dongvatmuonmau.com/wp-includes/css/dist/block-library/
107 KB
15 KB
Stylesheet
General
Full URL
https://style.dongvatmuonmau.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 04 Jan 2024 17:29:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1add3-6596eafc-4a1bc8;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vqHqtrPs5QcT6%2Fp12OxiDFQZUU6Fogu2tRL6%2BAVaLps%2BhRatL0cGbB8BnbQ%2FK2v4CeQc4%2Ba%2BexNaJoUiPcnLpltFBaYRG6shA%2BX7pLDU4mlqehSoPdGfAgmHNtJy0nMGvs09pJDLjEiVzBXS8%2Butoc0LzT%2FE1M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
8450b6650d207442-MIA
alt-svc
h3=":443"; ma=86400
expires
Sat, 20 Jan 2024 21:25:33 GMT
style.css
style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/
70 KB
14 KB
Stylesheet
General
Full URL
https://style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/style.css?ver=6.4.2
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974e4845984871c49feed0117ec5fa685f94ed0116e94dce8ec5fa87ca71ed7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 09:57:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"11842-6597d288-49bd67;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhpvMxsaCgwMP2CN8GHRWPZYZW18k50GlyRrn4lWHLHrL3qhbpF1eKAyoB5T3UWsz3aJeNqOI850KpeLOXOWLbjJvC9YHsEt%2FOlIZSmM%2Bh2MBrF9tJYd9BJbiiw8KehHEpKdp7RqDQqwiK%2Fd0W7ckgwRIGJYRRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
8450b6650d227442-MIA
alt-svc
h3=":443"; ma=86400
expires
Sat, 20 Jan 2024 21:25:33 GMT
font-awesome.min.css
style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/css/font-awesome.min.css?ver=6.4.2
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 09:57:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"78d5-6597d288-49b7b5;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivoFdHW7cAcOlJCjkokha1Spotbz17ouT2v1odTisI1BQjqPJWfnqVKUM52AvNGwFIBAMFUyX9oMRlFHAc9Jgmxqd%2BDfxMnaJvWiNo5e%2F72fDKIQKdz3ufIVM4k8bDUs5u7trd2ZGyg3%2BC2QS77QNtTNV1%2FCWco%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
8450b6650d237442-MIA
alt-svc
h3=":443"; ma=86400
expires
Sat, 20 Jan 2024 21:25:33 GMT
responsive.css
style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/css/responsive.css?ver=6.4.2
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6c677e99da1f9014faa8aff613db3d9ccf06138b6e94190921c365835df19c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2024 09:57:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
498668
etag
W/"380b-6597d288-49b7b7;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xg93uSCrawzMOV1CM8DWtsnQ8nQINgtZCQ%2BKnDZ%2FPe3USqo9cTiaAVqVhXj8YNaayRfvC2YYDOTdPwb76i%2BlW5lfALneJHn9LM%2BDiUDIOEgFsZ1YfxDHvxd%2FjDob3y8dSXVcL47rN8hIcUGF%2F1XLlURGyZvDGo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
8450b6650d267442-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Jan 2024 02:54:25 GMT
jquery.min.js
style.dongvatmuonmau.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://style.dongvatmuonmau.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Jan 2024 17:29:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
498668
etag
W/"15601-6596eafc-4a1814;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBzvghEuiaz3ItF%2B1dTFmqiv3QOLcQQ231QcBJr8J7AZ9Yq%2FUHEhX7avmltncNYHTrBTxp56BJiNuTVJYxEdEtBHliHeEUxos%2BSeEsO9Svt50t94Pyl8Q2kK1dIpHiVbbjJ2p1247Gz5g%2FTUYEph5689K4pQ%2FVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
8450b6650d277442-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Jan 2024 02:54:25 GMT
jquery-migrate.min.js
style.dongvatmuonmau.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://style.dongvatmuonmau.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 04 Jan 2024 17:29:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3509-6596eafc-4a181a;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XdY8mtQcoOSNKS%2FXOy5GSntQgxwLWIeTqaa1ikOMPelMJ0BUojzvH4PA1Z28I1AjK2AUpzs%2FhOyH0fNQYbZz8gUGpIPW%2Fj0zsxISzKnfJzyQlJNMdsUySCg2uQDYSBaLrEj2JFQTS%2FWnnAhbr862Bf4jEbw2HI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
8450b6650d287442-MIA
alt-svc
h3=":443"; ma=86400
expires
Sat, 20 Jan 2024 21:25:33 GMT
customscript.js
style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/js/
11 KB
3 KB
Script
General
Full URL
https://style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/js/customscript.js?ver=6.4.2
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ee135c332e44acb7d54dbac9674027d629058f509c6c4293731dfd76b8d4c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 09:57:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2c90-6597d288-49b853;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiWUr%2FaeP%2Fgra4SENJjDH4CzvSBhjmehFV5geD7UOJi1%2FI9BKVeHkXLL2Yaz8jBBbHlvxKfgHkExYz5zMMYB9A1IkizKMGpSjyBntR8Hpqlitq5kToY9k6gk1kOwYeV0bA0Kf3xxVhYLueR1XHdLatFzw9wzQpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
8450b6650d297442-MIA
alt-svc
h3=":443"; ma=86400
expires
Sat, 20 Jan 2024 21:25:33 GMT
jquery.webticker.min.js
style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/js/
5 KB
2 KB
Script
General
Full URL
https://style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/js/jquery.webticker.min.js?ver=6.4.2
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
800ac569bf0aaac1ad3e5ed4bd2fd4523c546e965a7cb9345ed6a1ea9ac2c21a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 09:57:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"141e-6597d288-49b858;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3HcUo2Zoy1vzou%2B%2FrXcP1KADqt%2Fn0RKCxN2wPG%2F6L52KL7J6Xomkz8SMuFBX7ZXcdMZmEsd5E3X9vtLYAfhwwyw%2FprN3YB4EOpMWnbz%2Fo7U%2FmbTcY%2FAwxc1cZwViQ2AbMfAEqPcvR%2B1GVXcMSSVXCRgpuKGJsE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
8450b6650d2b7442-MIA
alt-svc
h3=":443"; ma=86400
expires
Sat, 20 Jan 2024 21:25:33 GMT
css
fonts.googleapis.com/
13 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600|Merriweather:700|Open+Sans:normal&subset=latin
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34ca0ac937bc08e617e466d8438b423d70fc95cc569d0bbb94438e96235366f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 21:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 20:29:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 21:25:33 GMT
3ae629ed-d325-4267-99c5-d596eae3cbe4
https://style.dongvatmuonmau.com/
1 KB
0
Other
General
Full URL
blob:https://style.dongvatmuonmau.com/3ae629ed-d325-4267-99c5-d596eae3cbe4
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
nobg.png
style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/images/
68 B
617 B
Image
General
Full URL
https://style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/images/nobg.png
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 09:57:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"44-6597d288-49b80c;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xptmVF3QIRhHvnhpStTcnjLtg5k0zJ59%2BibzcuFnTQFpeHHfr%2BCzsKJA%2FBCNIkz4D1aHlJQ19fEVyYSmn9MzGBPCdunAsr%2FqSANwMs7TdONqun0JcacSG4L3bOo0xcrF39vIhZGhpH5m6CBRcGoX617BGO%2F4EaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666a8ff4c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
68
expires
Sat, 20 Jan 2024 21:25:33 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600|Merriweather:700|Open+Sans:normal&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://style.dongvatmuonmau.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:15:40 GMT
x-content-type-options
nosniff
age
302993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 09:15:40 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600|Merriweather:700|Open+Sans:normal&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://style.dongvatmuonmau.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:18:22 GMT
x-content-type-options
nosniff
age
302831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 09:18:22 GMT
fontawesome-webfont.woff2
style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/fonts/
75 KB
76 KB
Font
General
Full URL
https://style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/fonts/fontawesome-webfont.woff2
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/css/font-awesome.min.css?ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://style.dongvatmuonmau.com/wp-content/themes/mts_newsonline/css/font-awesome.min.css?ver=6.4.2
Origin
https://style.dongvatmuonmau.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 09:57:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"12d68-6597d288-49b7c8;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LyzeKcJOMx10j1kBWjC0XF5XlqjHFTn1zfDkaREKi5MT%2BHRPgp95C3XyYPVRE5gs2zifO2AAsehITnFtSLinDLgWAZE2Er%2BkBcfnG9D%2BZROdFaT1EogzPXruvbcghe01q3x8mq8yVHH0L3G%2Fuu%2BaLQo%2F%2B9MrV6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666b9154c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
77160
expires
Sat, 20 Jan 2024 21:25:33 GMT
what-clothes-are-in-style-2023-450x220.jpg
style.dongvatmuonmau.com/wp-content/uploads/2024/01/
25 KB
25 KB
Image
General
Full URL
https://style.dongvatmuonmau.com/wp-content/uploads/2024/01/what-clothes-are-in-style-2023-450x220.jpg
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9988d00ec65762366db55cda65f0391ff10ba974a4dfe9478f4bc56f1adfe0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 15:40:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"639b-659822de-49dec7;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6IEsRekGmTfE7yPZcrZx2irFwXA3cDrmhkwrhjkp6yGwyJIuQpRIhX3Ahgh5blp9qiScg0j3voDeuaYvussRwWl%2B2D5j0YMQHUReFX5HWSEBAogIV900PcQmHdaTOtbNWTBA0N1KupdiYiRlOoTcXuaIRWRIB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666d93f4c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
25499
expires
Sat, 20 Jan 2024 21:25:34 GMT
women's-clothing-styles-in-the-70's-370x215.jpg
style.dongvatmuonmau.com/wp-content/uploads/2024/01/
9 KB
10 KB
Image
General
Full URL
https://style.dongvatmuonmau.com/wp-content/uploads/2024/01/women's-clothing-styles-in-the-70's-370x215.jpg
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
677cbfdfcb64ca019993c7fa8a1daaf0cdfe3a7acc927a886e8d971adcef7b7e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 15:36:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"257f-65982208-49deb3;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JKTyJ6gqwCqx%2FAvNyz09j2tf22oUjqQZU%2FNKv8aw1QXm3FuIdRd7l7EEJ2Ern9CWed%2FzNEct0GUtls1eCQ8tGdRqLeAHYiGYZGMai%2FarY4NZjwYERTwN6GoDjH8yxQTXcuDt0RTB0kcGsXUKWXYMxv3lsSU9Rk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666d9414c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
9599
expires
Sat, 20 Jan 2024 21:25:34 GMT
hermit-crab-bell-pepper-370x215.jpg
style.dongvatmuonmau.com/wp-content/uploads/2024/01/
9 KB
10 KB
Image
General
Full URL
https://style.dongvatmuonmau.com/wp-content/uploads/2024/01/hermit-crab-bell-pepper-370x215.jpg
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d315dda7a887051736b682bb78549908fbd3cc99632e63262472f362e8f72f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 15:25:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"24f7-65981f4c-49de94;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbXd9FCHrH5X1XYL%2BBXloH7brvA%2FEMiWmei%2FbAeMX3SjWG4gWPhJu9AyJ%2F%2BPmDJamvUvkvV53QSq%2FmvKwgivZJPHGbQAmY%2Bgd9RcFs6VPZBrz1bplvUnS1Lr6%2BR1cb7%2FqPbzqoXmsOGXj0Y82ubkj%2FVw%2FHMZS1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666d9424c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
9463
expires
Sat, 20 Jan 2024 21:25:33 GMT
joanna-gaines-clothing-style-370x215.jpg
style.dongvatmuonmau.com/wp-content/uploads/2024/01/
19 KB
19 KB
Image
General
Full URL
https://style.dongvatmuonmau.com/wp-content/uploads/2024/01/joanna-gaines-clothing-style-370x215.jpg
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e86ca3df22f585d6f88330e7024e53cb1334d4fa26c2833e51e6c2ffd69ab4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 15:21:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4a0c-65981e75-49ddd4;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isfh8rcjDhOz5I7P9q16ZTkaxrGyy6czbn13mbsuPSZp8%2F%2FTmzjYwHMISRSAQ2UaUC2I7WiL%2BIqwZ8l6a6W6n7d%2F0IjuZ9du%2Bs%2FZtoCZ7C34FA5Bw7LPX6gfTEnWiixPHNCSVd7q2uzb4Qjy7MkhHbWpTtF84%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666d9444c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
18956
expires
Sat, 20 Jan 2024 21:25:34 GMT
can-hermit-crabs-eat-raw-meat-370x215.jpg
style.dongvatmuonmau.com/wp-content/uploads/2024/01/
14 KB
15 KB
Image
General
Full URL
https://style.dongvatmuonmau.com/wp-content/uploads/2024/01/can-hermit-crabs-eat-raw-meat-370x215.jpg
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7915ff746073ba3c113f89c53c2cee6a9f508e214d9dd9636208fa4333d98952

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 15:18:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"391f-65981dca-49ddc9;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rRNif5686FVKTkAZ78EEnl4Gqa7p%2BVU3xsW9x5r01yhNLjqvV3i0Rj1vwTX2Dd5LuN%2Bi6%2Fp8oCOfjYf%2FabCgsFQUGU909uCEAm3FhQC2fm1fNbI34joXi7H%2FXK8%2BIP8drung5AF2bITF5m5NiIrPuIOfjsK26w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666d9464c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
14623
expires
Sat, 20 Jan 2024 21:25:34 GMT
step-in-style-clothing-370x215.jpg
style.dongvatmuonmau.com/wp-content/uploads/2024/01/
20 KB
21 KB
Image
General
Full URL
https://style.dongvatmuonmau.com/wp-content/uploads/2024/01/step-in-style-clothing-370x215.jpg
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99fd249b2e2a46b680181ae4036443deabf61db59165cfad8dbd3cec17c750fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 15:13:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"51a7-65981c97-49de77;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzK7FZLxUCBDiN%2B2f1wM0MBSp7nsCb%2FBQZUrNXKmL7yH8%2B%2Bw0bJwBaJcKhfKkWwEsx6S94t8u0vVmOTcaWGe4vuCihwNKk5NJvr2B3wcZc8%2FNUH6l%2BNhAjnFnkP5bOYp21UAfo6lvgexGAImQgGiCbQWNaz9MQA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666d9494c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
20903
expires
Sat, 20 Jan 2024 21:25:34 GMT
can-hermit-crabs-eat-bloodworms-370x215.jpg
style.dongvatmuonmau.com/wp-content/uploads/2024/01/
15 KB
15 KB
Image
General
Full URL
https://style.dongvatmuonmau.com/wp-content/uploads/2024/01/can-hermit-crabs-eat-bloodworms-370x215.jpg
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e1bd76c1002b66396926414506670556e4de54ee68373fdcff8033c9d76303

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 15:09:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3ac7-65981bad-49de4a;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FHl8Ebdv5PaMLGK0T82B2T7UHUTUzQhAsmp5ZaKkMPAGVXH2EV9tEM0ff7nJ1VMmMdsIK1Hn94g055g2GNzi2zGd1P6%2Bt160g2MtA2BA2RWaimhPSzcNdpPazTGKdA4uD1MqJHo1aLX%2FKzZHDoZvZeORl%2BXYso%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666d94c4c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
15047
expires
Sat, 20 Jan 2024 21:25:33 GMT
can-hermit-crabs-eat-cilantro-370x215.jpg
style.dongvatmuonmau.com/wp-content/uploads/2024/01/
19 KB
19 KB
Image
General
Full URL
https://style.dongvatmuonmau.com/wp-content/uploads/2024/01/can-hermit-crabs-eat-cilantro-370x215.jpg
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18034f46c5aa11d849c03b6241ef9ca63554393ca2f9a8f45d33a159a44a1009

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 15:07:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4bdd-65981b28-49de40;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMUNL9kOcBDavKruAoJ%2BQOvmtjeJc7Mt4Y4orDhjdeWft3buoePimFXVXy4LTtU0aiLPE63ngK7iXz8IZLJxXI6leOoBCWECScxqoImnwNhI%2Fp9nmp0OZTm%2Fo7km59Fti1z3Ucy85YricMjvqvXT5rtRVvLa2iQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666d94d4c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
19421
expires
Sat, 20 Jan 2024 21:25:33 GMT
80s-style-clothing-mens-370x215.jpg
style.dongvatmuonmau.com/wp-content/uploads/2024/01/
15 KB
16 KB
Image
General
Full URL
https://style.dongvatmuonmau.com/wp-content/uploads/2024/01/80s-style-clothing-mens-370x215.jpg
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a43022d64e9a3f1c5eb99212868950495e1b8d847aaad671e260067c47ba745

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 15:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3de3-65981a79-49de29;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfjW9oJnubsWkZxNFZbZ6cAyiR1AeVrQ3lTfHfcE%2FnplUB07VmOkDHDADuJSQk%2Bfj%2BQIyKBymLmoNl6qzZ2E8oohjF57F549icIbqk7J%2Bx8dLWcWM8980D69J%2BgdyncRND%2FfJAKLg6erOEbkMVEQdPmV7wMgDAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666d94e4c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
15843
expires
Sat, 20 Jan 2024 21:25:34 GMT
do-hermit-crabs-swim-370x215.jpg
style.dongvatmuonmau.com/wp-content/uploads/2024/01/
20 KB
20 KB
Image
General
Full URL
https://style.dongvatmuonmau.com/wp-content/uploads/2024/01/do-hermit-crabs-swim-370x215.jpg
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbd402f646d556c9dcf1a376b0d3a133b261b9c2fe7040ad8b7754ec686a9b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 14:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4eaf-65981916-4870e4;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9NbHZhvfaksE0oOJT70GphxeexWeCNu7%2Fw4FESkktNNcx1FdW2JgrWZkPciQcniSUX75qgUFzaeIvzB9uw2QDiReKb16zmpnHlMhz2H4GfrwHqCo2j0ig%2FUUDDuoYArxZrZ22UX5mLFxM14vAO%2F65%2BbQuxsycM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8450b666d94f4c21-MIA
alt-svc
h3=":443"; ma=86400
content-length
20143
expires
Sat, 20 Jan 2024 21:25:34 GMT
wp-emoji-release.min.js
style.dongvatmuonmau.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://style.dongvatmuonmau.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:cd19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 04 Jan 2024 17:29:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4904-6596eafc-4a18a4;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUXE9%2Baiqmx3r3%2F8Y0l0MiznddUG9BJOfxiPLdU6AHnfP9Pc%2FuRvZojjPNR0HGESEj%2BV1umbZU3wp0VBzDwSezhvXQQUXsOeI9eAGDy6%2FBxUz3haZKB3q5hKhB7Nv8HLP6Br74oFzWbtQfe8RtNrsYh7AkeWHrw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
8450b666d9514c21-MIA
alt-svc
h3=":443"; ma=86400
expires
Sat, 20 Jan 2024 21:25:34 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/
402 KB
136 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3301618245730379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2ab69da2016b9247b77acbdc83c5f15569383a6f75e89c1764ca2181437a368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139348
x-xss-protection
0
server
cafe
etag
1091231605366683894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 21:25:34 GMT
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 26F5
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3301618245730379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
79829
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4168
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 23:15:05 GMT
etag
3009746639812436877
expires
Fri, 26 Jan 2024 23:15:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 71D7
570 KB
124 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3301618245730379&output=html&adk=318159125&adf=2184669829&lmt=1705181134&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fstyle.dongvatmuonmau.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705181133914&bpp=5&bdt=326&idt=333&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7576228514315&frm=20&pv=2&ga_vid=363925135.1705181134&ga_sid=1705181134&ga_hid=1047975573&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31079437%2C31080223%2C31080259%2C44809004%2C95320888&oid=2&pvsid=2670670435242326&tmod=1099198662&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=354
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25eabefa5ac6be0eebe1f6ee9554ef79b16422a734756d375346996ed11a8c6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
126805
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 21:25:35 GMT
expires
Sat, 13 Jan 2024 21:25:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/
162 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b68cb29ebb2cfeef19ae99f37060165be1d77a85649621376acda8bba6a8b154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56392
x-xss-protection
0
server
cafe
etag
17798325827288037453
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 21:25:35 GMT
ca-pub-3301618245730379
fundingchoicesmessages.google.com/i/
182 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3301618245730379?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a21ae315db249eaa911a651d2659a4af9ff8f2faf0984c5a2ed67d46dd8874d2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X21EZ2RkXC7jF_ZWwkvXFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X21EZ2RkXC7jF_ZWwkvXFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 9D41
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
79622
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4168
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 23:18:34 GMT
etag
3009746639812436877
expires
Fri, 26 Jan 2024 23:18:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 1CFF
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
79622
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4168
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 23:18:34 GMT
etag
3009746639812436877
expires
Fri, 26 Jan 2024 23:18:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 223F
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
79622
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4168
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 23:18:34 GMT
etag
3009746639812436877
expires
Fri, 26 Jan 2024 23:18:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 7107
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
79622
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4168
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 23:18:34 GMT
etag
3009746639812436877
expires
Fri, 26 Jan 2024 23:18:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVjkTWC9AVgu43oRZmCh4zkLvsPspnm9dX0h2HQDXBHYYGyUYRALXEiP0H85FbtfROhSTF8Rzo7Nk4Q2vMLrCl0bRgr9qyeIjpmjZ9OSox7cxZ_CRjScMWdG3c6bSXi14p60n5Aew==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVjkTWC9AVgu43oRZmCh4zkLvsPspnm9dX0h2HQDXBHYYGyUYRALXEiP0H85FbtfROhSTF8Rzo7Nk4Q2vMLrCl0bRgr9qyeIjpmjZ9OSox7cxZ_CRjScMWdG3c6bSXi14p60n5Aew==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MTgxMTM2LDM3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3N0eWxlLmRvbmd2YXRtdW9ubWF1LmNvbS8iLG51bGwsW1s4LCIxNW1McHpyd0xyQSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dac1c8ce634946b06a28f307b8573f432898494491a12a6fe4d0e6d620f1499
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Och26UglnJxzN2meQZ6ojA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Och26UglnJxzN2meQZ6ojA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 9D41
4 KB
767 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 19:31:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 21:25:36 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame A0FA
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:06:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
8327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 19:06:49 GMT
css
fonts.googleapis.com/ Frame A0FA
8 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 19:33:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 21:25:36 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame A0FA
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.css
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 14:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 14:57:55 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame A0FA
378 KB
132 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134337
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 10:18:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A0FA
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 13:34:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
28276
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:34:20 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 9D41
16 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 10:39:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
38754
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 10:39:42 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 9D41
22 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 15:58:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
19653
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 15:58:03 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 1CFF
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 22:51:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 04:50:22 GMT
67b2cf2770e31c0fa9735c0b8b540980.js
www.gstatic.com/mysidia/ Frame 1CFF
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4763
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 22:51:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 04:20:42 GMT
css
fonts.googleapis.com/ Frame 1CFF
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
434909defe5c654cd3ec984a1199cbd4f370f98f02e0fce3f89f9c89661736b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 21:11:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 21:25:36 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1CFF
2 KB
903 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
80597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 1CFF
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:06:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
8327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 19:06:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1CFF
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 08:09:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
47738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 08:09:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1CFF
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 13:34:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
28276
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:34:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1CFF
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 21:25:36 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 1CFF
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 04:23:12 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 223F
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 22:51:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 04:50:22 GMT
67b2cf2770e31c0fa9735c0b8b540980.js
www.gstatic.com/mysidia/ Frame 223F
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4763
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 22:51:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 04:20:42 GMT
css
fonts.googleapis.com/ Frame 223F
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
434909defe5c654cd3ec984a1199cbd4f370f98f02e0fce3f89f9c89661736b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 20:27:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 21:25:36 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 223F
2 KB
856 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
80597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 223F
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:06:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
8327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 19:06:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 223F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 08:09:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
47738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 08:09:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 223F
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 13:34:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
28276
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:34:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 223F
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 21:25:36 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 223F
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 04:23:12 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 930D
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGJiuyPcBMAE&v=APEucNVV_jF2dJf923wywXpKZwoepwCqB_xoJiEe36-Jdjh_K5pprF4FVFcoMK18yiZt5INUb5Hr7tWc01jxBHkSo0b7fywBYA
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 21:25:36 GMT
expires
Sat, 13 Jan 2024 21:25:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame CF12
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
80584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:32 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame CF12
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 15:58:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
19654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 15:58:02 GMT
view
ad.doubleclick.net/pcs/ Frame CF12
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsugXRz-64HrVtZ9GJ3BoV0RUdiGzfVXUTO48yHitzSh67mmf0oo1GzdWrSNWIRm2s7KHPDAfnAaCT2_zEy6pIZykIkwUTE3NKF336eP8NLiW_rmMQYYJeJVnsWiMAghG8Wh3kbLPN13ZuBSxwPUNG3JY3PN6_pzNYtmP8D1w-7Nwu1v0He601uadVcYgDnTWmKb7j3zHtw5mZU1nP5N49kVqrrPgYLx_L3wpLj4ek6RaQw_hA25o5Lnd2J4TGYrcQWMMOatiYU1LqoFu7zA_kYuLYo1YwJmHYeWSG_j_8Uw0elMgVRpMLESMHik4lKdJWAWYOBpK-Q1CCt-8xwkpsjSw4wqRPNkrb2HzX9Or-j2LiYUwZG6ZpIjNHZqOfxC-q6dwPdGNRnhOCxG_BHzd-UDzsydFcjg13doCgpdOQ88XRe6CEjOPHLUrAhVg0h7fUaHWtftZZ1Y6W0gh9TyB8HjtZbiSUSvOSc_DJlDasINKCUPkmR4_xsJ3KJRaXIq92kodTYO3yfBA65bwEy_9CCFPmamxcUIsg8QmsWTvWKsZmsGWnfrdgSjO-paWJaSUT-QJzQJp-rYJvLiBXyCT40KZ3NsCoqJptlct-aZ9grgpAhzP2rBNGwev-vcTBJO3Ew_OLOkVjMGEEni3s7FHc8Et_7yNs-jcjFVsHWYphofsTo7U8OcEKJRf7fRDR7l6tcaC6rozqfJ3ObF3Qh_C3FicxK-sxE0sl4Qbm7nSkQ8yCrDYEx5I7bv_LmVyUdetAmbs4_x5eNk1esxJkGRL9Df_BZq3rU4ZCvimYfu_4KIIvUQYU6r35J-M_Ufk3Rh49XKNDN4OnBPcsS0B-T--AuBCMuPJfx3gNd3nHns0aHyApzhDug861K6okkJNxiOejmXEsgDpGaQteqeo0p2Gn-otLSSxOTupRyuaqGbY_58yuNzo5jVpKOBKyPpGBvCCuNZ_dkBwokv4yHP8nZykGwa3MMWwe4AReCZvc_gv-tkOpyZU0O8-sJX4zfRJFP1JerJIrDDjxy4v8AdoELetg37fpZluZd8LL_ZJyJj6Q1Fg-5i6KA0-6DNJwGy8R8iVudISuM1e7umLpTYivnt4cNapCfZWTaVD2KiCocono6tmDkDk9u9p4iYjbsB2ZNKiJGSJKreFM0MWNeiu0SW5JmkkMuglPBf-iGqJsLJ55NoR_TuQURN4U5MOI69ZDaFOMY0dFBewZVTB7Xb-IP9Lo0xSIzk_gN-GuxBYe2weRGufQ_OLfK-rjhVyubf9VACI9BJkuPTI5rF8ZGXGn7OwAgVRkMCHAKNOq_O5o4bHPinVg6BcaDDWg9QOh65osonxB6j04dla9qindkxaJTQ&sai=AMfl-YTjtC5WPuPhOiKL6v3FnYzgu0PdJa2l-kHNkotGCxvZYRAuOyIFViaKYezcexGFSbh4fU8wQGR6lmUMEZA4JEBSuoyLM2_ndMxOdrXkAIFWRY2VNhPs4cj_hiBKOjAk3SSBjF2w9nvDzWHDLr2SLwKY0M4ES6iUseNszeNLJxr3vw6yAaJujIVaVMjqKFE5Kgvf3ArzzFly00RCcMDD6rNxx02hNB7u-Wlcz0WCPwgXp9vBzLCWG-zGSfAMd2tVsY6aa4v9FZShr5ND7Xu2QqwSsvDiAzt8NzQ0nKHE6cyy4YMDgA1HfGZlpOitajLVks8up7TAEZ4xWP5iCKs1aj2Oedy1KkLbRj2X-aV7TJoVSoZzjukX2jO65UkrHEMti3Vb8FbNSTpYteWAxM-KDH1g7qD_xKJiKGv8Mgk6YymqxukQ2tjEmQvc1UUbjRAyutrM3d5nEt4xcjqeeJaonThUDbpzfyi3RPf7PDXOeHcfhIF6N3WVniauN15cTJDV-JAwFrg&sig=Cg0ArKJSzKOb58NjcvDAEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9qYW1lc2F2ZXJ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240109.36051&arae=0&ftch=1&adurl=
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 13 Jan 2024 21:25:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 13 Jan 2024 21:25:36 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame CF12
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 18:42:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
9813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 18:42:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame CF12
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 08:09:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
47738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 08:09:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame CF12
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 13:34:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
28276
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:34:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CF12
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 21:25:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CF12
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cy4DzSoq-PZO_WcTLR2i_G1D52RK5z8hkljS4UZmotbCvJvbiAq-J4Iw0NdqdRzhLAAyYRStHaZ41ioL7T82WdwbtLas4OkLoCogxJ_QGaDjK0568
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6319134443899241748
s0.2mdn.net/simgad/ Frame CF12
28 KB
29 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/6319134443899241748
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15e3ea1757595340f7f3bd587572af7a024a725d91092d5111b648233f2cdfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 11:47:53 GMT
date
Sat, 13 Jan 2024 11:47:53 GMT
x-content-type-options
nosniff
age
34663
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29083
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 18:59:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rum
dsum-sec.casalemedia.com/ Frame 930D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPEsYaWgfjIgaHNLCqHKP7U&google_cver=1
43 B
768 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPEsYaWgfjIgaHNLCqHKP7U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGJiuyPcBMAE&v=APEucNVV_jF2dJf923wywXpKZwoepwCqB_xoJiEe36-Jdjh_K5pprF4FVFcoMK18yiZt5INUb5Hr7tWc01jxBHkSo0b7fywBYA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0CWL2b9ypqZUhuChsgPbXlMlHGWPgNe6B4Nt7toCbD6qEFwmNp6fj4SYglrN1e%2BROw0CwNLfcxLoxC3%2BpyCI8lh%2FLhNb3sYyNJlsrbyOq3woGnbEeCEetmktaeSyoNmnz%2F9SAeImzlF7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8450b6768dd13707-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPEsYaWgfjIgaHNLCqHKP7U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 930D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaL-0Gt-souFWvR4NQWJ0wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQATRir8SzsTKcrdeYMB54&google_cver=1
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQATRir8SzsTKcrdeYMB54&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGJiuyPcBMAE&v=APEucNVV_jF2dJf923wywXpKZwoepwCqB_xoJiEe36-Jdjh_K5pprF4FVFcoMK18yiZt5INUb5Hr7tWc01jxBHkSo0b7fywBYA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUW2Ja1YrLkRPJcFC%2FNlN6gjgX0huSLZYlxTVEEQSBz%2BJtM7A6qOtrtmYZB9tSNgO%2BKkryF7NriOFlKePnOKIw%2FXnFvRs7WqpESr8hVbfAdOlS%2BW5dTxAPpFBueCXonuxQ2BNF1h5XGBDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8450b6776ecf3707-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQATRir8SzsTKcrdeYMB54&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 930D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE72Cqv8QdmH1yGCoAX5B0o&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE72Cqv8QdmH1yGCoAX5B0o%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE72Cqv8QdmH1yGCoAX5B0o%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGJiuyPcBMAE&v=APEucNVV_jF2dJf923wywXpKZwoepwCqB_xoJiEe36-Jdjh_K5pprF4FVFcoMK18yiZt5INUb5Hr7tWc01jxBHkSo0b7fywBYA
Protocol
H2
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
an-x-request-uuid
6535bd94-68cb-49e6-90dd-8d2cecbf7670
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.77; 38.132.118.77; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
an-x-request-uuid
2020c493-5a68-4420-97b4-849cf39b1afc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE72Cqv8QdmH1yGCoAX5B0o%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.77; 38.132.118.77; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 930D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4MjM3MjAyNTg3MDUxMTE5Mw%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4MjM3MjAyNTg3MDUxMTE5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGJiuyPcBMAE&v=APEucNVV_jF2dJf923wywXpKZwoepwCqB_xoJiEe36-Jdjh_K5pprF4FVFcoMK18yiZt5INUb5Hr7tWc01jxBHkSo0b7fywBYA
Protocol
H2
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
an-x-request-uuid
e13d181b-11e7-4429-a446-c84bc8fb4b80
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4MjM3MjAyNTg3MDUxMTE5Mw%3D%3D
x-proxy-origin
38.132.118.77; 38.132.118.77; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2EAC
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2041
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 20:51:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CF12
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10c5ce58173b7f3199feb5b3a16933b18a1a4d016eda9717465c654f0d065567

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame F5CA
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2041
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 20:51:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 8DAA
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
120043
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:04:53 GMT
expires
Sat, 11 Jan 2025 12:04:53 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2EAC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 21:25:36 GMT
expires
Sat, 13 Jan 2024 21:25:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 21:25:36 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame CF12
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsugXRz-64HrVtZ9GJ3BoV0RUdiGzfVXUTO48yHitzSh67mmf0oo1GzdWrSNWIRm2s7KHPDAfnAaCT2_zEy6pIZykIkwUTE3NKF336eP8NLiW_rmMQYYJeJVnsWiMAghG8Wh3kbLPN13ZuBSxwPUNG3JY3PN6_pzNYtmP8D1w-7Nwu1v0He601uadVcYgDnTWmKb7j3zHtw5mZU1nP5N49kVqrrPgYLx_L3wpLj4ek6RaQw_hA25o5Lnd2J4TGYrcQWMMOatiYU1LqoFu7zA_kYuLYo1YwJmHYeWSG_j_8Uw0elMgVRpMLESMHik4lKdJWAWYOBpK-Q1CCt-8xwkpsjSw4wqRPNkrb2HzX9Or-j2LiYUwZG6ZpIjNHZqOfxC-q6dwPdGNRnhOCxG_BHzd-UDzsydFcjg13doCgpdOQ88XRe6CEjOPHLUrAhVg0h7fUaHWtftZZ1Y6W0gh9TyB8HjtZbiSUSvOSc_DJlDasINKCUPkmR4_xsJ3KJRaXIq92kodTYO3yfBA65bwEy_9CCFPmamxcUIsg8QmsWTvWKsZmsGWnfrdgSjO-paWJaSUT-QJzQJp-rYJvLiBXyCT40KZ3NsCoqJptlct-aZ9grgpAhzP2rBNGwev-vcTBJO3Ew_OLOkVjMGEEni3s7FHc8Et_7yNs-jcjFVsHWYphofsTo7U8OcEKJRf7fRDR7l6tcaC6rozqfJ3ObF3Qh_C3FicxK-sxE0sl4Qbm7nSkQ8yCrDYEx5I7bv_LmVyUdetAmbs4_x5eNk1esxJkGRL9Df_BZq3rU4ZCvimYfu_4KIIvUQYU6r35J-M_Ufk3Rh49XKNDN4OnBPcsS0B-T--AuBCMuPJfx3gNd3nHns0aHyApzhDug861K6okkJNxiOejmXEsgDpGaQteqeo0p2Gn-otLSSxOTupRyuaqGbY_58yuNzo5jVpKOBKyPpGBvCCuNZ_dkBwokv4yHP8nZykGwa3MMWwe4AReCZvc_gv-tkOpyZU0O8-sJX4zfRJFP1JerJIrDDjxy4v8AdoELetg37fpZluZd8LL_ZJyJj6Q1Fg-5i6KA0-6DNJwGy8R8iVudISuM1e7umLpTYivnt4cNapCfZWTaVD2KiCocono6tmDkDk9u9p4iYjbsB2ZNKiJGSJKreFM0MWNeiu0SW5JmkkMuglPBf-iGqJsLJ55NoR_TuQURN4U5MOI69ZDaFOMY0dFBewZVTB7Xb-IP9Lo0xSIzk_gN-GuxBYe2weRGufQ_OLfK-rjhVyubf9VACI9BJkuPTI5rF8ZGXGn7OwAgVRkMCHAKNOq_O5o4bHPinVg6BcaDDWg9QOh65osonxB6j04dla9qindkxaJTQ&sai=AMfl-YTjtC5WPuPhOiKL6v3FnYzgu0PdJa2l-kHNkotGCxvZYRAuOyIFViaKYezcexGFSbh4fU8wQGR6lmUMEZA4JEBSuoyLM2_ndMxOdrXkAIFWRY2VNhPs4cj_hiBKOjAk3SSBjF2w9nvDzWHDLr2SLwKY0M4ES6iUseNszeNLJxr3vw6yAaJujIVaVMjqKFE5Kgvf3ArzzFly00RCcMDD6rNxx02hNB7u-Wlcz0WCPwgXp9vBzLCWG-zGSfAMd2tVsY6aa4v9FZShr5ND7Xu2QqwSsvDiAzt8NzQ0nKHE6cyy4YMDgA1HfGZlpOitajLVks8up7TAEZ4xWP5iCKs1aj2Oedy1KkLbRj2X-aV7TJoVSoZzjukX2jO65UkrHEMti3Vb8FbNSTpYteWAxM-KDH1g7qD_xKJiKGv8Mgk6YymqxukQ2tjEmQvc1UUbjRAyutrM3d5nEt4xcjqeeJaonThUDbpzfyi3RPf7PDXOeHcfhIF6N3WVniauN15cTJDV-JAwFrg&sig=Cg0ArKJSzKOb58NjcvDAEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9qYW1lc2F2ZXJ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=233&vt=11&dtpt=231&dett=2&cstd=0&cisv=r20240109.36051&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame A0FA
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrcktljo&c=3142748162135&slotId=1571374081067.5&qqid=CJaIqd6m24MDFQonaAgdRfkEQg&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A0FA
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CTvi_zv-iZZbpFIrOoPMPxfKTkATAnfHqdNqThpe_Es_igtr6QRABIM3ThJoBYMmGgIDco8QQoAH88rSvKcgBBagDAcgDmwSqBIACT9DiAE7N4BtHrcGSolyFpOcsTRjNUVgiERvMySyfEv0RwUb3SgDgid-tINd9_iAya1FY0wDkTIT3O0E2PlF1BuCPd5xQvw05PaufuV76vhW4ysF7QH57g0w3IvZQtrPPkJEcQU4er2gt7kmmK0_iQ1UT1agVwzsQng71ib8haBQyUqpaHCUG_r0vOIq2aFxo2IW2QUV3Se0Nl3xH4G1m3CT1B37rkgC4aApb7l8bU8nVlt1t6L5SaqWoZMMntDZv-sHunJQy93D4Nai6XQSxEkWosslnymARCvzUM-GeFENazQxkKQlzPrjhhuVj14Jta-UhupPnmEy1aSMQPYtA-cAE3aqBnsgE4AQDiAW8tJzcTZAGAaAGToAH_KqFjwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljm66jeptuDA4AKAZgLAcgLAYAMAaoNAlVTsBPz0pkWyBPs1ojkA9gTCogUA9gUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1705181136478&ai=CTvi_zv-iZZbpFIrOoPMPxfKTkATAnfHqdNqThpe_Es_igtr6QRABIM3ThJoBYMmGgIDco8QQoAH88rSvKcgBBagDAcgDmwSqBIACT9DiAE7N4BtHrcGSolyFpOcsTRjNUVgiERvMySyfEv0RwUb3SgDgid-tINd9_iAya1FY0wDkTIT3O0E2PlF1BuCPd5xQvw05PaufuV76vhW4ysF7QH57g0w3IvZQtrPPkJEcQU4er2gt7kmmK0_iQ1UT1agVwzsQng71ib8haBQyUqpaHCUG_r0vOIq2aFxo2IW2QUV3Se0Nl3xH4G1m3CT1B37rkgC4aApb7l8bU8nVlt1t6L5SaqWoZMMntDZv-sHunJQy93D4Nai6XQSxEkWosslnymARCvzUM-GeFENazQxkKQlzPrjhhuVj14Jta-UhupPnmEy1aSMQPYtA-cAE3aqBnsgE4AQDiAW8tJzcTZAGAaAGToAH_KqFjwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljm66jeptuDA4AKAZgLAcgLAYAMAaoNAlVTsBPz0pkWyBPs1ojkA9gTCogUA9gUAdAVAfgWAYAXAegXBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A0FA
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrcktljz&c=3142748162135&slotId=1571374081067.5&qqid=CJaIqd6m24MDFQonaAgdRfkEQg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1pl&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame A0FA
33 KB
18 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CCp51P5j6Qgu04itpzGZMgEYZDwhOj8wLz8afTDtKWGK0RnTxy42nRccdk278JgP_8FTlvV-3AE3rVs4e_N8JFn0U5kw&cry=1&dbm_d=AKAmf-Ak61PZwy2UNqipLuocOFQ_KJyX0HFoBrHJtWkWKjwxJjuw53zcsObfEMZ-mIuK32Bw2Yjd6-Dyxop7lh8F3yg-koUeynJhgrwj-SP24Ggt_MXQan3w3YyEGAQroi32bFS03TOJ9vwWRzm6Kp_xNj1zeEbNFkEyc-ehJxNqECE_dAqk0cvSkDb9LZzX13ijEEid1J67cB2K1Z-tuz5DEPGIRb3RJs-VVaFb-Wxfo0HSP3R1h4jXpbtDRzyXdY5lOMIR_H8HGHzwWUrmqX-DgnpPVRA0F04qd3gMoJopleLsplwvl_ztFe8iXC7fEJ-BrEPgzqE7pxpmi8ySEbt8FM7ORGnMpMuFsOrBc0C3dvKOj4MTk89e4WaDXdUFFqsMEnwHbnn9BY8gID3ia9PPmQybR1eMA6ibJzcEAUsQ9GczYTcmJc7zTt8Hsv5EzA2MTdwSTzpOnqpQOf_FdGNGmst3ZbZjxLM1vUAS7muURLVUD6EbWQv3NERJlzuTEg8ODPiH1Fw_e26ooDJkaPMnVgJqQ7OGciSdhGxETam0SsY8AGCaDLhjEL8xlNtYgs4_WzfdfdVloHC4xAw3B9QgRZk2-9g8Eu1Xwv4KZ8VC-zNdcRZLtSKxOQ3hXN6BdQdPEUZ4c9w0DfVI34_3JSZWBnOCEdne8ZgH2MidbrvG6B3FTUgFSDCL8NWOJku72-eDpY858nq7KpJ9waEivZuBZb_Ebyb66eFnMtWDlax5BiQ5mf1JCU5zDvsoIH-h_Ou31lDy-fnFQmHuVzIal5F7KGA-4Jwre4YUP3Ymo8--IXCcJDWlckH0hV52bpSaFSxMVY176GT2YMA-GI-qP6Ai6fmvHyj-eWgehnzmOKwrQEv0lsqvIXUB_2rLt7bOtK1ffMice3nS8NLl9jSj5QJMhrY32RR_wKPr92kG1mxmp_HjTqM4X6opgQC3xl8WiCIWpox5p_8C8EzPdYxCu6A9Y_Pb1ZPpMVz8RN8151w4QtfpGB_U7hReklj0-TGsL289QRv6RQ3k8GG4j-lib2M_RJfkp0k3qzEedRZSG1_XfH9-9GUEM0cHi11GDFoMrqx8hxnNuN8DDzHDyEEje10M07eqjZ7zQvA08SwdDMlpBdtDyO3yxbnqNbRbgCtIr-YQdG4de8B5fOJx01omJ9udlvxXnPJuaDK-d5cojwhNMsLGiawqXDHjQI47_MMY4H2QsuucliJ46AgaHRUBAa0wPp-rQJdbSTN3Zz4w1d0JhHRacrHgf28olVr9YCiYK4pNF_59O2gjpZi4xH9geG5j806wgyrYPsEcYNnmJVHAYhcj9wiMeZX5kG_IQeEV5AlUChLP89Gmkvwwyq6m2NNhoRI6Ed1aasbTNTtrSCUaSlNGjr-XKIFHzZ4WAlEbxrRFN7bF_sh_BAp4FvotfYIled23IzBs7aj2JkyeTILQjD5cK8T5zxW4UJ9EBN73PGw_ha60ed5sVzUVdJRW664L2L6fbcS5QhtfnaYLBDEUqjDWq2PtPlHjWerTjflKKH6e9TRuYtAU1nE7iBjHC3sm-Aufhz7a6lAPZiQUYAvZL-fq8yqbvASiY3eN_0RWa0tBslaHd5DF_Ot_vGJOqMHZOAjcF4ilCWRp9iWrkThizsTzNzb3xfZxYN1Nkx3W3yKyi_B_fqXmwbsQH3cHiLdz492KD8Zt805wz9JWkmuaEIWnupvNG8m_KJrgJpspgcd06jxUcdHaEDWlZrxJp7x5Zdozg5LwIDYMQt-8Gh4MYO0--4qH_096LahO4HpPR4wCwoplhhyyqRqbQmb0UUjx37D9iIYCFrY25cOjMirh2azkM7glSGBpimnSPpHNHo94b_xQlqY3k2V5BFdadMv3kduw6UPIcnqeYouqwxzM-VO5jipDKouzshPAYtqICmawoq_mjzbW7fy3wOOYGUYPfAVUdMKx8j1FJopdMQz4J0I-UVNE18xsSMD_PlLYQGQ9s-mb15xquXTyrYQsFMRgA3yviymWnnT452zLRUJH3BuK2IsgW7MDHjExDRyCswg0wzRmBkLGF7BzRGsTz5etbDchV8-lw40lpwyRZjmOAvwcJa8OcROXFcOjuwKVxYEuHPEysLdx3nC2kOEOdtEnnhPU5iFSgMO8lrZFrSmFGpJ0acldrGDIk_KOfG6DKCeAWTlgXxWEpVzbkneU8zVq5V-d5rtS1ofU7QpP4lorlZ-1u0E496FDk8GxvIo04J6t-oHHGorYo3myfy92g30nZIOUNeJD4mL5peQbucKjWrW0T0Devv3DZvUYjgXjh15Ab7MK0xYCf-k7rbJT4sJsHvQBJ0BgCo-v1qOkjkDmJk_UnlZqU3odfPQfymY137pHKkfFoDXpMbRGqNuDkRWnuc_J5oh-6x5KZCYF0ubNMTdVzXwBCGMG9YmQFwLK-lrQt1FYir72XVydoHPZkOiJ5-N5K4ZVxBd4ig1Gq-Qd_XicM_dRJvl6AG_yfGUGSgiSYMRYiQu3X50L4XcgvV-cv0-jnmIFCmSpoYkRn-s8Mi4EO_PuXQy7XTgrXfceclroFVVf4lUwI6vieM3g7ngJhRhwgojb3js28bK6SLIBNrWGfz8CG1s_Y_QEJl66jTfIlcGIz52BBFPVoaVRkAkUqBUy_gGK5vmYQmSRSgwc1WEWtbYRzUCF5QAnvuVbNHvP70LXaEAxvpKQPNDIQ1I4IHDDkOpZj5Zgdkm9QQtdxuhihYnpVXerw6-DlFaflcSwVqr6ReL4Zl2eDKPX69KIG8GdJAVrw56QAMO1sXkCxPnaHCJx5ZYuFKuka1l_wfBFqbMPk12FY74I-cIV0x9TJDVLj9tFaEbB6j_03Q7I2ic2uS4nIipbZGWWhS1LkGFTx-Lh_g5MKrQ4Llm2iHPoR7ID0t8REowndGo3wUdBK45tZ73X4Q4fF8u96tcS3bFyR1XAKDzVGkfJj97JLk4R7836OW820Hsny7A5TKtmlhwhZ9nQYp8bkVN-M0InfPZjHSNqZ6J7JsB1iPkymBTYljeC9GDW_wRoA4InMOvW9_vXoXiN0VT91N9NZsqlFfRRHa6_VbM87a8bK6gzoGe3rA-kgeucLno74MZi06Jm3PdWCxTgtBe6Nq6dIG2n9yBiHD9ghQYImual7iW6bkQ_FIUiCygbt15ZGbsbMHhL5DBxmB-bwVKkRjZheBLtg_9QiUKO3xTxPJVgeYSJOSpS749m_gZDwQHSt4tBZ2VHyFgyuFjfNb1F1mrtdXJ9q7EHeW1OeydHaH52PjOexwY8r24eWBUbToUmBpI-4LfVMjmki-XHQu4jEzBR9ahIjIBC2QUu9rA9yIlyXycuF8qkRrT0OtuO9RaO8k7Xv-zdpzXZxh4FStkPo-CtSVVmT8PUUviabUhHeNoViDwMtKByJ6CTBH6O9MCwtZFgj8KicRtotAaKQ609cHk29usif7yCT1w08TGcaiD7P6Q1yB60IwyVf4HNL0Xmhy2lDv75e3cH1HtCwJgMw2OcAhK8bU1tHaKhl_zItBZdUp-DadOF5BVc4F52ZJJO6RTAuWuuU9kVk3X0ayMmIGPPynE6lmIJSSh4JpzA&cid=CAQSTgAvHhf_Aao3XTqBHs7IO4z_Zsd088tJ0nInorSPtzG-PH2jgxVc41oBJni11OrGNEKdiiLyQMUQueGTch2jjhK0qzRn2_ZBxSfVwxgzjxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
1c78e65b0e7238a1c89680d39a1961f4692b6e75048d65d743276d50cee7489a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18181
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame F5CA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 21:25:36 GMT
expires
Sat, 13 Jan 2024 21:25:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 21:25:36 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
pagead2.googlesyndication.com/bg/ Frame 8DAA
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:44:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
117659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19703
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 12:44:37 GMT
csi
csi.gstatic.com/ Frame A0FA
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrcktlka&c=3142748162135&slotId=1571374081067.5&qqid=CJaIqd6m24MDFQonaAgdRfkEQg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame A0FA
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 08:53:54 GMT
file.mp4
r5---sn-q4flrnee.c.2mdn.net/videoplayback/id/4cbdceca4294f890/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848831600/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame A0FA
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/4cbdceca4294f890/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848831600/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r5---sn-q4flrnee.c.2mdn.net/videoplayback/id/4cbdceca4294f890/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848831600/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0
Fetch
General
Full URL
https://r5---sn-q4flrnee.c.2mdn.net/videoplayback/id/4cbdceca4294f890/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848831600/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2A5CE9FB04E42691DDE8FDF36F205998BFD61AD8.8277C0601D2D376DF0526E5B7B85D7011A8D9764/key/cms1/cms_redirect/yes/mh/n5/mip/2001:550:1d05:1::6/mm/42/mn/sn-q4flrnee/ms/onc/mt/1705180054/mv/u/mvi/5/pl/48/file/file.mp4
Requested by
Host: style.dongvatmuonmau.com
URL: https://style.dongvatmuonmau.com/
Protocol
HTTP/1.1
Server
2607:f8b0:4000:41::a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 21:25:37 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4204145
Last-Modified
Thu, 04 Jan 2024 15:52:40 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sat, 13 Jan 2024 21:25:37 GMT

Redirect headers

date
Sat, 13 Jan 2024 21:25:36 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r5---sn-q4flrnee.c.2mdn.net/videoplayback/id/4cbdceca4294f890/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848831600/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2A5CE9FB04E42691DDE8FDF36F205998BFD61AD8.8277C0601D2D376DF0526E5B7B85D7011A8D9764/key/cms1/cms_redirect/yes/mh/n5/mip/2001:550:1d05:1::6/mm/42/mn/sn-q4flrnee/ms/onc/mt/1705180054/mv/u/mvi/5/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
pagead2.googlesyndication.com/bg/ Frame 527F
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:44:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
117659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19703
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 12:44:37 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 591E
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
122019
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 11:31:57 GMT
expires
Sat, 11 Jan 2025 11:31:57 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
pagead2.googlesyndication.com/bg/ Frame F9CD
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:44:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
117659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19703
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 12:44:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3baa926a87d7c89ec03d0b2463e19aae2e171123d572c37f6be6779921d5c28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12119
x-xss-protection
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 591E
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 20:43:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
2498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 20:43:58 GMT
google_ads.,728x90,
fundingchoicesmessages.google.com/f/AGSKWxXKM8HlV4kDghIxpv2-FjUqUzvRbM5w8vCn_F_lqNQYH-tf3RHOCa427ZGg_fEgsVmjGuBqXo32wdjtdAXCfFXAsz8c3Unyr4hPOVKFz3Blia67OigdRUn86ua_TdX3Q-DsJlzx6SJCGUf-6OrOyHvBOAEyV...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXKM8HlV4kDghIxpv2-FjUqUzvRbM5w8vCn_F_lqNQYH-tf3RHOCa427ZGg_fEgsVmjGuBqXo32wdjtdAXCfFXAsz8c3Unyr4hPOVKFz3Blia67OigdRUn86ua_TdX3Q-DsJlzx6SJCGUf-6OrOyHvBOAEyVYprcISTmMAJNvgYa-H_DXO2WrRpsyPD/__400-80./getad./phpbanner/banner_/google_ads.,728x90,
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwp5gd9Fr7u9Krm0QbCjoSe6xM-qw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84810452d4a9b1e8586bff15df841683cbcfa295f5063cae26567daf6a096ff7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DlxIZMgkrD6oQMlnH4H31Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-DlxIZMgkrD6oQMlnH4H31Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
67 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwp5gd9Fr7u9Krm0QbCjoSe6xM-qw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 14:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
26141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 14:09:55 GMT
AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Iu0fA1jnHjUPIp_QQ8O8Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Iu0fA1jnHjUPIp_QQ8O8Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://style.dongvatmuonmau.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Jan 2024 21:25:37 GMT
AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xECAZnTtjJcPuOJ_5CHkPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xECAZnTtjJcPuOJ_5CHkPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://style.dongvatmuonmau.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mqrQZ4QgmhvIlXVm3FTVzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-mqrQZ4QgmhvIlXVm3FTVzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://style.dongvatmuonmau.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fz7o1FCfDXH7l9ySx425hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fz7o1FCfDXH7l9ySx425hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://style.dongvatmuonmau.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUsoAOvoBuIA90kYH-VcD8PK_fQZKjrkswbLYGMtHaVAoerStyHW0iuy8tTTMLJdi2ykVJA7BSKEMOneJi6h1YgpzK1kxsN_nvwCJ1zCoWaB3qTkklVQnNerfXbvwGlm-g6JKOMDw==
fundingchoicesmessages.google.com/f/
5 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUsoAOvoBuIA90kYH-VcD8PK_fQZKjrkswbLYGMtHaVAoerStyHW0iuy8tTTMLJdi2ykVJA7BSKEMOneJi6h1YgpzK1kxsN_nvwCJ1zCoWaB3qTkklVQnNerfXbvwGlm-g6JKOMDw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MTgxMTM3LDc5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zdHlsZS5kb25ndmF0bXVvbm1hdS5jb20vIixudWxsLFtbOCwiMTVtTHB6cndMckEiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a92c38260ae607e151fbd8d1b91432299896a7595612e076a21ba37523462b30
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YzcpGaS_bMrNf1rV4xHNtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YzcpGaS_bMrNf1rV4xHNtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DAA
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BkwrGzv-iZZnpFIrOoPMPxfKTkAQAAAAAOAHgBAI&bg=!iomlicbNAAZ1R9vHVUc7ADQBe5WfOMgAlmb_XpR7aFn1vbNOLvc2zYYUdWCdBOUuEuug7hoWQth0G7bP3WPE2ptPLFdqAgAAAUBSAAAABGgBB5kDEQ5PQY89Z5c2c3Heeam1mrucwmUEMDGTHMpagjBZTgfUe6rmVSnmabkrwC3Jt1ui7asbXmFEMn7qtOy0ZIqc16iSZYlhxQQw5BRL9Gj6xdIOAiuIWPDRpyPPmGZJOaCQjnNZIHvPKSY7XYMc1rfV2ai42VqvICsixTSLyB4ljuv_047qqBUR9PZhAcvdI024ps0nVn0CIL4zRJeaVqIFyhYTw-Jp5j2NWAZJlaCGlLjF5muyeH5CXL3A14oHEGu8F3dhXyEKAdD6gPIi3KRTlD88VPY6yTr-xfvaZZWAIwEf2srSsPZ9Cww3_ggNwlE0fxtDJ8jm9WN5mNW4l-YJkU4aC_2b2WwujbHqL8jZiCICoWsugCs7JP86ZXiaSc4HfIgb5dfRoDOKUiTuf7IIqdfEfGcr8Cf3W-ifoG-Q0bbGz4wPz8q2t-wts86PdM4V9YBGvZDjVzoh7f-8njGqc0ofOB7Mat6MnI7uRLivKafNJEUdExlYgmfgLBtK7TyYcoFjxplHZvSYZFJy955SGTc-n-yZ1CCAxCOH9NL1ukclvDBopSAxAiyVv5OXX5RV5yG5qRTZihtbY9OaZ9rsI1L1KhxW24k8psdHQisKo4ZQ0Ua4sTATKT6qqaCjmy569JOh_SDdomjGD9CjIDf4xWZOfAk1W9MLJxeq9OkFQcJOGsScjIFF9e0FokF-EwPkPdUtrw8y8f6Cc8Tq_fYJhuSfkI_s3FfRTkiAC5uXhhTXBXtlL3MkTF_FKuQQoXHgVuzAIk2QhEnCBTbHZEU43nDdoMSiBq_BV0HxFydHGnBgZewD-AiIu6BQLcrgqY8uFs8jxFFmGie0lXpcH733XvwFklEl7ieETsWUuRForucgka9mkOwOT4tvBMUcao9QKscSoixvqNEVzHKGpxopf-yfMbW0eLnGrPJ8AYBnykNasU7Yw7yYnW8Gbz1vXyFX2YAe9XN0cJSaZyfTY8Z-WyJOSETyDh1bIdx681-LsbFnBfLirLNkFT7WFEbxdb7biDHBDb8r_RR11k3UvBX9MkrD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r5---sn-q4flrnee.c.2mdn.net/videoplayback/id/4cbdceca4294f890/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848831600/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame A0FA
217 KB
0
Media
General
Full URL
https://r5---sn-q4flrnee.c.2mdn.net/videoplayback/id/4cbdceca4294f890/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848831600/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2A5CE9FB04E42691DDE8FDF36F205998BFD61AD8.8277C0601D2D376DF0526E5B7B85D7011A8D9764/key/cms1/cms_redirect/yes/mh/n5/mip/2001:550:1d05:1::6/mm/42/mn/sn-q4flrnee/ms/onc/mt/1705180054/mv/u/mvi/5/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4000:41::a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=0-

Response headers

expires
Sat, 13 Jan 2024 21:25:37 GMT
date
Sat, 13 Jan 2024 21:25:37 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4204144/4204145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4204145
last-modified
Thu, 04 Jan 2024 15:52:40 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DDCF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
15227
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 17:11:50 GMT
expires
Sun, 12 Jan 2025 17:11:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6D73
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
62dd8acc32df4754c23a2e58df3c9306e64ca3541d877c931e4af569a799e4d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bMWI_7frhg7pguJ5mZHl0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://style.dongvatmuonmau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-bMWI_7frhg7pguJ5mZHl0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 21:25:37 GMT
expires
Sat, 13 Jan 2024 21:25:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 591E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Boe2I0P-iZeWdIdmLnboPrvug-AoAAAAAOAHgBAI&bg=!c3ClcD_NAAaumcC-jpk7ADQBe5WfOPYeKwWnRSUC4XP0Po-9udrPTMmsHYEDRCpFY9ymBw8V1FOtQ6d5r90ZUkQ51KVZAgAAAGVSAAAAA2gBB5kDGQL2ERxIImHJGr6JG_VRRkhHaQyyznw_17kV1_1WUflcJpD678awXOCuZb4a6qGZJRtPsXrnYToH4K_ddSr3_ubeiGz_hLX2IW8hs7-eMnuG887CGqIiBG531zuBXmBgB1wOBW81nvjdK2F1UXSuLo3IJku0Zez_BodjjB4HKl7XPs0-W0601i2mTiYQNlj71Llzw9XmqnWSBZcN8Z3vigG494-TmDbvvzH63bYp4x_dc6BIngOz77AhMleJBkwbkqv2HvacZy5cK2OFo8ADcsro4kboMzIOcRKORVnxqU-IZ34zhJnOWRV4EQNEOC44ptws-d8bidBP5oBxku3nMuY-KvYGu_swmOSszyik2VG8qrhw5heEsUkDcC0pYHwgOB3VgouUJ4r8STWb6JJIIcXSeZfbAWCvXdkqIBvBCjEy9oOMJxtdqEXRG77U4B_-LAfhQLexoeHBA69IthrVsAn-llZ_WvQ1NHMVP5kX2qRVh9cp7_UMPqTcJRIC__mwFT1Dj6g9MmNNvO_-aNAIIQZKwb9OoG6XODqeHkHOgaDdC7UYLQFlW6AbFE0Cac9Kk9Ix4djNxp8czsOOwvgixEVxQM3p7OyG39gKecoYywkU1W_FS2CWb7bQNuSVzue8TgKCRII_KitxPd-Ha2dzPekVy0WmDx_OuZ-VfFBb_TDX7oYdyFhGgW45cizrqeK6Aq1og3esEB_g9AM050jODopkS37TV2Trhv6R3ZHUDp0pfulMBARIZSc3fBfXqijg5dO7hKorVjQVu0yRlPBIkMO67mF2DpVXmkne5oaVh9qdUzhwiY751W_cEzzhXC-ept0RM151nfsAROOFYXRawj99NRadmgeTKAlbrzyaVsLw-1mWIr3RaHtFpsA_SDXOmHp_ki70ptsDrjJ0sQ6OPYWAyKavqQC8Zc16Nt5ccpB42Qf9PnkjAAiOyV74f36R6nqx5qeoRE9_lDcxEuh4oDUsgbozVDq_Ari-E1dYodvH6tG6a-oT7Ivo9oPbfmGH-o10SDGsVn9Y2O3nuC0I8nI9sumBprdEBHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fS9mLkdYD40Xtby_6vDaXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fS9mLkdYD40Xtby_6vDaXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://style.dongvatmuonmau.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWXs9BRMC9OSzT_5a3AmIdS8XYP2SCy-IfCQkbC1H6oyRpLXws-BQtP4CrWJLw2yms4b9MTeRMk8NnPtBzSkCE9cjFTLMmX4G9ka-wHmVr2Ko9cbEuyA_DDfHZ3Qb-NmnakjKb3WQ==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWXs9BRMC9OSzT_5a3AmIdS8XYP2SCy-IfCQkbC1H6oyRpLXws-BQtP4CrWJLw2yms4b9MTeRMk8NnPtBzSkCE9cjFTLMmX4G9ka-wHmVr2Ko9cbEuyA_DDfHZ3Qb-NmnakjKb3WQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MTgxMTM3LDE5MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vc3R5bGUuZG9uZ3ZhdG11b25tYXUuY29tLyIsbnVsbCxbWzgsIjE1bUxwenJ3THJBIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d745337d83efdb3d7ee125ef31211a18a79b4e3600ff30b382092569d1f63986
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CkEL0h612rOp2M74jBLB_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CkEL0h612rOp2M74jBLB_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUDbkLIfqn_QlQKFhwNoxjdc6CE95cGA03wkbqaShs4nb1iMBpikuZvGdQOr77kmjTROGoSwo1IaWVPeWq7QZ_VYxyWuTdobE2aIOB69zcTeuLiHJODk1FD3Pl-3ZDEmfWVkAeiZA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUDbkLIfqn_QlQKFhwNoxjdc6CE95cGA03wkbqaShs4nb1iMBpikuZvGdQOr77kmjTROGoSwo1IaWVPeWq7QZ_VYxyWuTdobE2aIOB69zcTeuLiHJODk1FD3Pl-3ZDEmfWVkAeiZA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MTgxMTM3LDI3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zdHlsZS5kb25ndmF0bXVvbm1hdS5jb20vIixudWxsLFtbOCwiMTVtTHB6cndMckEiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
512884bc069d062a20bfd2b0b2ed7439ece5bcf019c079e16e3059abce91fe5f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CZuz38ZMJYUwKmUov2H7IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CZuz38ZMJYUwKmUov2H7IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame DDCF
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 20:43:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
2499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 20:43:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6D73
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=2670670435242326&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

AGSKWxX-Qdubm91pPAlv3N2E-V_K1wblFgFRs518JlFYhCpjDNgX-AT6v5i6h09pHP8SllyGiROgIIEG5IQXzjwQOVpB2jnEWC7h53CiX69pD1J9c-hoBQCpDS3UMVE0dXPwuqNoSNa1qQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX-Qdubm91pPAlv3N2E-V_K1wblFgFRs518JlFYhCpjDNgX-AT6v5i6h09pHP8SllyGiROgIIEG5IQXzjwQOVpB2jnEWC7h53CiX69pD1J9c-hoBQCpDS3UMVE0dXPwuqNoSNa1qQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2oERO_GyxVCQPdP2vb8Zsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2oERO_GyxVCQPdP2vb8Zsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://style.dongvatmuonmau.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCAptPaj6_eQaXq-DxtPGuXF4NYL1wtJn0RuSGyUvT3Fvch0NBXzkgLih4Vvl3Pa7FO6dNPVch2PNaeOKgI_wo9dwCfm0XqtVDdS60WgYTgjr3RSVvdET4MtezTVVBvX0Eqgk47g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mHL6EG5FDyytFAe_SFCZ3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://style.dongvatmuonmau.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mHL6EG5FDyytFAe_SFCZ3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://style.dongvatmuonmau.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame DDCF
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?yhbdDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:25:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CF12
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3mt7taYtsMyR8VskVT_JDB2QMpKJeE_yQlWCyBoVAHZTscjRYS86rYxZAiVqFsrB1GcmxsxZoEvriGrAZylBxn5xnnL7Tvm6nHwDv7Cgn-B3Mu6KgkkyYO2YDmnCQwaOiBWYSPmL6NhMre8mX2EebeQS8&sai=AMfl-YT1jMA74GRwrZ7T2UNlAdh8GXOrGwdef9tglixXmy7LkaQ379EtokjH_qPOB37BssslXXRs8ZvaFQCFDJ5crqQ6gMLkbQ5OSHSafvqXtotJPd0ryApFt6I4GGwARFx539YQbXVsdbIh6xav7Ym9&sig=Cg0ArKJSzFwVJzyw9XwXEAE&cid=CAQSTgAvHhf_Aao3XTqBHs7IO4z_Zsd088tJ0nInorSPtzG-PH2jgxVc41oBJni11OrGNEKdiiLyQMUQueGTch2jjhK0qzRn2_ZBxSfVwxgzjxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=690,1000,1000,1000,1000&tos=690,310,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=318159121&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705181136133&rpt=514&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A0FA
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrcktlo1&c=3142748162135&slotId=1571374081067.5&qqid=CJaIqd6m24MDFQonaAgdRfkEQg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2038&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1tj~vil.2df&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 21:25:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=2670670435242326&bg=!QEOlQwzNAAaumcC-jpk7ADQBe5WfOC-vJunBoVM1TKyIr418hW23cMmMGEAQvgA4womm0a4nI4u_HUY0wOj2uOdA3qMDAgAAAEJSAAAAA2gBBwoAaoh_QYJI8KZV5_Bzu-uvCtuAMBap-k_g1kmQf1bpV6DczYPgHtfo8-vHMNHss5ad1mS3nMQLIxtYO7EnaBur4c0U00yiSu6lEpz6oGe4iNoZgz_WOfMkhURTgo0jhu8e2AyCJ9LpqLDO7oqZAsZWyKWxWpZWQjTZnHtihPHJJt3YuRa8rlfOJ_GR0zaXpLtGH0uGjIHKLIuFmhoZ-K8Y6siwIza-jv_QnlSoNYFKQA-ZkaqC-j8-qkMIf2FEPvLATu0YTgpuevVn-u8-kXL3lKxxxu3-l9UPQssS_Tn6JnZa8GnawZRCWiTcYQl4aaNqP7yHa9W-XSkIsR65-9mCfbyFOJ4kSOtvprSNmBl-vjwOdgM6EiIXUOdNWTBVmuCxqLTtlIjEvxYoD-ARrbuID5xZNPq__1FYp8tyT4ylTJ9osaBFNR0jxszC5ommgajVWcSGUgt_a7Z1MJla_QB1YiuIdI84OAOd9PoRP7T547MF31FwVK7mmztKKOoVspQIHrVLEXM3ZzZq-AXkzwRXN4By1JfkucGBJECPrfKeDwl_th01cmB9udX-fqIsBfTP1lGz_qFcOs-MnWpVnDgI5sulmUsngqwpkGV0OELXkbcPs-sBnjPsxX2PHXNkaM3o5dK8I1xFhM1EqPnWB_j8vpBHcpQV6R96zNJw18OQG9DSQdBCIx7RJgIH6soQP3Tpy9vcRJ_nKGz0SeZ3DhvCEfBlPBJT1qRrsVM9quRgI1j0ld2jstRlmZSd-v8LoiTGtiZPDygutpAevJaImJ-zjJJrUKdwM6K-VI5bPmz0E0Q4dCcVbmnPZzDYgDLU31FXXWQGGg_lyBWo7_ocxRpP0o3m5unZ1br38co8Y9gTMEghBAdVF3B4vjcjOXln5hUI5wGdo29K1N2K5TbXYF4pU1ypLHuoF_iyNsjrA2zb86SNbESkish3sU0tzYwNKswUx949zXujTFHQrQp8CjNEsuZmAEBLAJfnQLAChtPbwXC3epSbFNTNsxppv-axF5zSzxdmlISAqKTsVnhkhz2iWZvez2WKPGe-9PunzWWlvlnYmvnYY8RgC_-TlPXPeDUSwMlLww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://style.dongvatmuonmau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| _wpemojiSettings undefined| $ function| jQuery object| mts_customscript object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| twemoji object| wp function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YzJmODMzZjE4NTIxMmM1M2xvYWRlcl9qcw== string| YzJmODMzZjE4NTIxMmM1M2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| googletag object| GoogleGcLKhOms boolean| google_empty_script_included boolean| 1e206333-09cc-4f0c-a888-8e25364c6640

12 Cookies

Domain/Path Name / Value
.dongvatmuonmau.com/ Name: __gads
Value: ID=517cbe0d5044994c:T=1705181134:RT=1705181134:S=ALNI_MaLT6BAcqKBhkzTGYBnjDQ37RlyHA
.dongvatmuonmau.com/ Name: __gpi
Value: UID=00000db6f8b3f3cf:T=1705181134:RT=1705181134:S=ALNI_Mbb3rDqjBwC-4aKj8nJishIJnpO0Q
.doubleclick.net/ Name: IDE
Value: AHWqTUnX3Q7THNOvkobokiKjRy1zRHhptnwNdqXN49ecPwklCdIPC0g0cUJ_vCqlMHE
.casalemedia.com/ Name: CMID
Value: ZaL-0Gt-souFWvR4NQWJ0wAA
.casalemedia.com/ Name: CMPS
Value: 2731
.casalemedia.com/ Name: CMPRO
Value: 2731
.adnxs.com/ Name: XANDR_PANID
Value: HrO7ZEbM7r9gF8o4gjQZ8ZxUTbcwJbA9vA1QtV5ZkGGxuveL4WsgCmsgCMRAYRE9tkFQdEMccCmcPPNaxDycKg8LdhHA4tbOaIPDwSj-7e4.
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVGx:FQ]!]tbPl1M>e)ZlrFUfJ+tGXxpCa[PwEV:4PY^*uKcb8yawO[42%c?/M(m1y`m*bpRz*qF1`*b_jt**lRL
.adnxs.com/ Name: uuid2
Value: 4998933786644257452
.doubleclick.net/ Name: APC
Value: AfxxVi54-D_m4d_PurMbkXmDFCAYvRvtCpQ2u1pVasiZ1zNAbNk2ZA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.dongvatmuonmau.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-rO8m7XmkshALVbAZLscUemLMojQR2aA-CyiXsEZ8O_UWLHy6Rf4UdkbTFHfjBkC9CNEPcsYzS2CC1TGaF3OiNbObaBbY7XYmukYCS8qa8lAQ_EdCFF1YwmlLfhmv_lMRX-p9n-gscC7XeaK8jNftD024AsQ%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bid.g.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
r5---sn-q4flrnee.c.2mdn.net
s0.2mdn.net
style.dongvatmuonmau.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.251.167.149
172.253.115.156
172.64.151.101
2001:4860:4802:32::3
2606:4700:3036::ac43:cd19
2607:f8b0:4000:41::a
2607:f8b0:4004:c06::71
2607:f8b0:4004:c08::65
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::94
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1b::9c
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1d::67
2607:f8b0:4004:c1d::9c
68.67.160.75
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e9988d00ec65762366db55cda65f0391ff10ba974a4dfe9478f4bc56f1adfe0
10c5ce58173b7f3199feb5b3a16933b18a1a4d016eda9717465c654f0d065567
18034f46c5aa11d849c03b6241ef9ca63554393ca2f9a8f45d33a159a44a1009
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c78e65b0e7238a1c89680d39a1961f4692b6e75048d65d743276d50cee7489a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
25eabefa5ac6be0eebe1f6ee9554ef79b16422a734756d375346996ed11a8c6d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a43022d64e9a3f1c5eb99212868950495e1b8d847aaad671e260067c47ba745
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dac1c8ce634946b06a28f307b8573f432898494491a12a6fe4d0e6d620f1499
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34ca0ac937bc08e617e466d8438b423d70fc95cc569d0bbb94438e96235366f3
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d48110b078444b07fa296d8a7e490d8116f7972eea66f0cbf49675eee0adf3a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
434909defe5c654cd3ec984a1199cbd4f370f98f02e0fce3f89f9c89661736b0
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246
512884bc069d062a20bfd2b0b2ed7439ece5bcf019c079e16e3059abce91fe5f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239
59e1bd76c1002b66396926414506670556e4de54ee68373fdcff8033c9d76303
60ee135c332e44acb7d54dbac9674027d629058f509c6c4293731dfd76b8d4c8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dd8acc32df4754c23a2e58df3c9306e64ca3541d877c931e4af569a799e4d1
677cbfdfcb64ca019993c7fa8a1daaf0cdfe3a7acc927a886e8d971adcef7b7e
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
73c4455d1517652b0015ae7c4638d411928039b13de570e16cee76d09048647c
7915ff746073ba3c113f89c53c2cee6a9f508e214d9dd9636208fa4333d98952
795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
800ac569bf0aaac1ad3e5ed4bd2fd4523c546e965a7cb9345ed6a1ea9ac2c21a
84810452d4a9b1e8586bff15df841683cbcfa295f5063cae26567daf6a096ff7
8bbd402f646d556c9dcf1a376b0d3a133b261b9c2fe7040ad8b7754ec686a9b3
8e86ca3df22f585d6f88330e7024e53cb1334d4fa26c2833e51e6c2ffd69ab4c
91d315dda7a887051736b682bb78549908fbd3cc99632e63262472f362e8f72f
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
974e4845984871c49feed0117ec5fa685f94ed0116e94dce8ec5fa87ca71ed7b
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99fd249b2e2a46b680181ae4036443deabf61db59165cfad8dbd3cec17c750fb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a21ae315db249eaa911a651d2659a4af9ff8f2faf0984c5a2ed67d46dd8874d2
a92c38260ae607e151fbd8d1b91432299896a7595612e076a21ba37523462b30
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15e3ea1757595340f7f3bd587572af7a024a725d91092d5111b648233f2cdfa
b2ab69da2016b9247b77acbdc83c5f15569383a6f75e89c1764ca2181437a368
b68cb29ebb2cfeef19ae99f37060165be1d77a85649621376acda8bba6a8b154
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d745337d83efdb3d7ee125ef31211a18a79b4e3600ff30b382092569d1f63986
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3baa926a87d7c89ec03d0b2463e19aae2e171123d572c37f6be6779921d5c28
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e6c677e99da1f9014faa8aff613db3d9ccf06138b6e94190921c365835df19c3
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629