URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/product...
Submission: On October 10 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 12 domains to perform 110 HTTP transactions. The main IP is 2606:4700:10::6816:30a5, located in United States and belongs to CLOUDFLARENET, US. The main domain is taimienphi.vn. The Cisco Umbrella rank of the primary domain is 315173.
TLS certificate: Issued by GTS CA 1P5 on September 18th 2023. Valid for: 3 months.
This is the only time taimienphi.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
594 KB
19 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
186 KB
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
190 KB
11 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
www.googleadservices.com — Cisco Umbrella Rank: 153
603 B
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
294 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
ssl.google-analytics.com — Cisco Umbrella Rank: 518
38 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
1 KB
4 taimienphi.vn
taimienphi.vn — Cisco Umbrella Rank: 315173
78 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
145 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
28 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6147
408 B
110 12
Domain Requested by
32 tpc.googlesyndication.com googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
taimienphi.vn
pagead2.googlesyndication.com
18 pagead2.googlesyndication.com taimienphi.vn
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
16 googleads.g.doubleclick.net 5 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
12 www.gstatic.com googleads.g.doubleclick.net
10 www.googleadservices.com googleads.g.doubleclick.net
taimienphi.vn
5 www.googletagservices.com googleads.g.doubleclick.net
4 taimienphi.vn taimienphi.vn
3 www.google.com 2 redirects tpc.googlesyndication.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
taimienphi.vn
3 www.google-analytics.com taimienphi.vn
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 ssl.google-analytics.com 1 redirects www.googletagmanager.com
2 www.googletagmanager.com taimienphi.vn
www.google-analytics.com
1 s0.2mdn.net tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de taimienphi.vn
1 region1.analytics.google.com www.googletagmanager.com
110 18

This site contains no links.

Subject Issuer Validity Valid
taimienphi.vn
GTS CA 1P5
2023-09-18 -
2023-12-17
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
www.google.de
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh

This page contains 19 frames:

Primary Page: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Frame ID: 12D30B9B1FC655543ECFEA7209FA95F1
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 2E40E63E41535430C98FFF247EC4CC18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&adk=1812271804&adf=3025194257&lmt=1696899444&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644013&bpp=3&bdt=2077&idt=185&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1047673334885&frm=20&pv=2&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=203
Frame ID: 200525457FF6FA908E6EE7F7BFD56B92
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Frame ID: 64F08DB5CCBF0FBC3CC03F9A41BF29F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Frame ID: A76504A7D6D36315E79282FD3674813B
Requests: 13 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Frame ID: 7564E426CB6A48B42C96A2C67DC7E333
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/index.html
Frame ID: F5EBEE7437CA1F29687C8EFFC2038EFC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4E40E4396D93EC2170D6D17D920BA8F7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 124773663C4E7FE5FD8D10C104238999
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: FD9AA14EAF975C65A30FDDACF1B83CD5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: F54E85CBC9FC4981FAF628516E4F7743
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: 609FB838749486B80A344E45C0AF721A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: 05DAE691817B1009A126A8B909E51AC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4906FB6EA4F733580E28768729B88EBF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: DFA6D5ED5A3E77AE175703D90DC947B4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: 2245FC0762AA3BDDDB341ABB04E26992
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: 9D02B9843F300F767241B2D467C1EF91
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AD484FD9A3698A035F4969D00441B1FE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 432BE4CB8CCDAC0AA4258FC6B6DDF98B
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Download...

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

95 %
HTTPS

94 %
IPv6

12
Domains

18
Subdomains

18
IPs

3
Countries

1558 kB
Transfer

4307 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1168173831&utmhn=taimienphi.vn&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download...&utmhid=1363209599&utmr=-&utmp=%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%252520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&utmht=1696906644258&utmac=UA-43176024-1&utmgtm=45He3a40n81NQJGLTL&utmcc=__utma%3D73394838.514937058.1696906644.1696906644.1696906644.1%3B%2B__utmz%3D73394838.1696906644.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=543543393&utmredir=1&utmu=qmAgAABAAAGBAAAAAgQBAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43176024-1&cid=514937058.1696906644&jid=543543393&_v=5.7.2&z=1168173831
Request Chain 40
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CYyeplL0kZZ6gENGciM0P4P-a4A3dieSKc9mWlbr4EdTT4PuJPxABIPP3kCRglYKAgJgHoAGN6-akA8gBCakCDGksNTe6sT6oAwHIA0iqBO4CT9DjulJX4xqoYxcqwJX_mcK5iQSC90mjSsE711jwn7bMoZcdjbOcb-RreyH618MDpt4xIXc95-6_bbB4WHWgbYexdamV6-7CPi5emYldFSuSzVefgJ0zRzMwxTqw_dKE__SSRTmevGIsf_SMF1drorH1XUGO7_sGHh8snN-ucQCbSs6CHVZht910_aVtFX1YNyWn92ME8-RBz726lIhFXSibxJeyOx_9HwkcMetnHdgy06V66XqgBykTFLz0MXjzH9H8PHmh0PkkAn3t3aOnsaOG0CnnS3lx_cihLS1uH1NNmHOAkMffhFGL8HEKH0A2aDJ2M3FrFJME6KQ3jGUKT46W13BaUxD2qjeif2vCGNrjK3-JGy5f8AsUjzjky0TkE44IZ9A_tQ7C7nEvmBkDhB-zQo62lChesHgJDcBEyQzToN3hwS2gDubHM9IchREIj-iRFS9Or9USBXS4ZAQXhM5gawI5NMm1tCiPaxPnwATdla3FqASIBZ36kvZLkgUECAQYAZIFBAgFGASgBi6AB9uUmVuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRDenvgB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJNWh0dHBzOi8vZXZlcnRvLWNvbnN1bHRpbmcuZGUvdW50ZXJuZWhtZW5zdGVpbHZlcmthdWYvgAoByAsB2BMOiBQB0BUBgBcBshccChoIABIUcHViLTY2NzI0MTg2ODMyMTI3NTcYAA&sigh=RLPwOUjFDlY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNjgC7LqXN4hKPUeQhFvoXxq-GyCNp98wm2cGKNS6RoI6VNBQdOKFW2aFWWYgqAg8zLGPJMfN3-ApEVrpWD0HJrtQWX20w_RgB&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223850719208178465294%22,%22debug_reporting%22:true,%22destination%22:%22https://everto-consulting.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22882488717%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229348427337117500737%22}&andc=true
Request Chain 70
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C5sBqlL0kZcnNEOuRiM0Ps6iJ8AHa8sGLc9_4t87gEaKUxJKNDhABIPP3kCRglQKgAaX81JApyAEBqQIMaSw1N7qxPqgDAcgDywSqBPECT9Cvc1lbrDQbE10pwV300eIAoguq1PPBtrgH9EZBgANsh7MNL7Mpy-VgsCYMjkqV14yhiPWKUNweKtpwMQVQ1wJuyEkFRhKtfO76N0B1DC4xgnQzAueD_SMdT_zpBT6yVAxkbsfqnHg56lFF4l3Es1d_-oUGBu2MmZoUVqXuAhNcP5fdppbLMVp-KHIC4608WUlhFvfTcsPdwewN1-OjzN-cfBCnUaKN7p0tzUxe22zUb88DLxmZUyZjAA6uDVNZnY0jjWHEoXbTRDBxY49HxWbEDc0Z-mhE-VMCEw-GcKEJ4Wk2GjxlkOYieQOlV2c_pBiFmPbkUy-Dfi0-ueYt3gy_y9GmOQtLyR2PBKAUXynlAZlcId-I5TZepigZUadw5CmmtZ33oeW9iRZaY9J5F5E6z4F0s9ZWJj77FbYAvb1NeIh71GtU6NaxJSeH35WS_US28KimCuDZ0Bqr70FOtvhBr6Q4s1INtUfN269KbmiVwATJs53wwQSIBYb3stFMkgUECAQYAZIFBAgFGASAB6W0pfADqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgtYN0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJFmh0dHBzOi8vaWduYWx5LmNvbS9kc3KACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNjY3MjQxODY4MzIxMjc1NxgA&sigh=DS9xIIC6uEw&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNLpVGyveKG-1LMRFbjAIO8OqYElgiesguzDg59BuV2w4RAVSk7r_MpuzpZbK_Jy_mU8JgxJNjFQMtlVPx0b0o-HLwXrld-xgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225239222138553750505%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040800293%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217564152830493999057%22}&andc=true
Request Chain 71
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 90
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CqQWclL0kZfXzD5OXiM0P5PCHmAnImdzEcrzJ86LEEabxhuOgAhABIPP3kCRglQKgAaOV_90DyAEBqQIMaSw1N7qxPqgDAcgDywSqBO0CT9AbeGrn071F_cWUC9dJhhAET8sr3N3XcFD10a3TvccdhH8Zuwsp9LE0Bv10JmlDXIgmfCWI7StQGz4LCIJSXyuzUMI4rmF10pcqikV-w_efKHK7zu90eDBEcbji1asOtIGrpaTLoZiffUdmrsicWUu1KkpPnDPafBdJ23Z1ntO3-V1p1SmOq1ig-2-aiHPjnt3wkR896pf1LNsvf5G7js7HxO-8fL3DLdUhm9hwq7A3ixdoEFN3L7rwFhuCW2qyWdWFtxEX5xwiA2xEknVD_h5Rn8dgsKXWjlyiPGU3ZECkMGqjvbD5tQdbVToHrlE-iOQrxN1bqHzK9mTqnAMZTbE4oayUCGfSIcm9fkgsN41ZNqtkPIbO9YgBahGBueu5aX03pH5OHZ1Y2vyvM1RaErBpsxs-F1fFIBOFJzSbcvj2YrDI6hOYPuo7ei4-ihwePT9Nm4REHfoq-WbDxOemj1NdFnyubgAmqBJAhDbABPKq9-PAA4gF4_6Ewi6SBQQIBBgBkgUECAUYBKAGAoAHxeqAIqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL6SBtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCRhodHRwczovL3d3dy5iYW5uZXIyNC5kZS-ACgHICwHYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNjY3MjQxODY4MzIxMjc1NxgA&sigh=TQapOEBj_io&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNvoBlvXuQPnlUCx2mbrU9IIUThZ3kKxkmHYEjQA8KKT5Iy99ykldfdbbc1UxV7O2NRESyLRDB0ml3Bi96cy6G-kO6xGC9HksYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215699146521641964752%22,%22debug_reporting%22:true,%22destination%22:%22https://banner24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221002424995%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214498186240828871185%22}&andc=true
Request Chain 92
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C1PJvlL0kZfbzD5OXiM0P5PCHmAnRp4zRb7_6udeEEqbxhuOgAhABIPP3kCRglQKgAbfZkaopyAEBqQIMaSw1N7qxPqgDAcgDywSqBP8CT9C6nPHHIKYRtqJaUpReww3HI8dQYgdYtoAZDZN6MQ0IrY5flyWaz8YChpI00trtpT18UaEXveOoPOOgJJKEuWhdC71IW3eJb8ezYAtF9kkn7A8ynB_J_zCGB2_gaObjWlDib_1sVjzT63kp3mIe6czvaWZk7Ep6GxhTlt_B3QlKYQvRHZuTSHCH9wIa2ZFxNTa5HYyW6lQkJjvyQtPcnLpm2opo9epJBZudSTPhrOzP97IXx_kEy-AvsC1HmHZCMbgPwtkcV2Fvw2mJLs2ZiiXvg7U4KhfTrKsbXOnF0kpQJ6HlYFGpJ2os3_F-rSCDqJA0Ou5dwsvYt3mY629ugWBh9lQ0SzYcYYx7dT_cv0VNwiRs4msbEDv0fuIAmeI20cjA4KDIUa1CCsjYm-vjIiNE-TTSnWfH2RDiWfvRoZaThKkmkkk2n33V8gP_4f__K0u19ZZM_vVWxswhnAjYxVNWcuKy0dB93A6CCTEtY4Dmrs-fCBsGG6aKgBKie8rABMGTts-uBIgF8buF_EmSBQQIBBgBkgUECAUYBKAGAoAHt5HiiQSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCkkQbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkYaHR0cHM6Ly9zaW1vbi1qYWdlci5jb20vgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTY2NzI0MTg2ODMyMTI3NTcYAA&sigh=_jvukDPwEAQ&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNvoBlvXuQPnlUCx2mbrU9IIUThZ3kKxkmHYEjQA8KKT5Iy99ykldfdbbc1UxV7O2NRESyLRDB0ml3Bi96cy6G-kO6xGC9HksYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22235494285151126711%22,%22debug_reporting%22:true,%22destination%22:%22https://simon-jager.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211094224055%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228951991330002719025%22}&andc=true
Request Chain 94
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CaLNzlL0kZffzD5OXiM0P5PCHmAm1w9aDcuj5ydbgEI_0kOPXAhABIPP3kCRglQKgAcCR8ukoyAEBqQIMaSw1N7qxPqgDAcgDywSqBIADT9AwcXnlduL6zwe9a4rHwvvZP9JXr6mK4Sd0Sf1MijMfbV701xWDfuBOVxK4qXK-NpsrZn8ruaCOEsMBPc6aAUS4p7qcvnouR5WByxFhIlF_sqqnAB8FUmEt_dONIKOQOjVRkEWBxVOW0vC1nFanvtSWM3U2qzT1iKUAvXlBTZKy0GU0NDZWFBcU3f5I9uJxeBDJ5oZtWxg-IZTjW_j9hw9gyR_QgIF09ZGzFllX0afFI2UYR-MrQhl4JJ1HGO5tnCBFDzEgiXVuo4AYclFdtPjuvzyJJICGLQl5zwCb98AxmYt7DA8RCJit5XcB3tFtPekA0VrZ7uDF5PSsZA4HYKju-LLWW6yi9AZDTa0HXEZ0ti6_dwFNlJOUDfe0agRuqp9yg-dHRhPe-oH3uMi0bbl-nQLCJGLU-uaoMmflggXPuWcN05AgvYa-prijVVtHb5BHit9mt-rVPHw54I2fZGaJ6D1yDOO68AuiWvi5VwrKlz90v1KuOiev921jCScrwATthNW8hgSIBcWC_d9CkgUECAQYAZIFBAgFGASAB8DJwskDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqvMP0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJHWh0dHBzOi8vaWUtZ3JvdXAuY29tL2llLWZvb2QvgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTY2NzI0MTg2ODMyMTI3NTcYAA&sigh=KRU_vyovLBA&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNvoBlvXuQPnlUCx2mbrU9IIUThZ3kKxkmHYEjQA8KKT5Iy99ykldfdbbc1UxV7O2NRESyLRDB0ml3Bi96cy6G-kO6xGC9HksYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229620960561269652561%22,%22debug_reporting%22:true,%22destination%22:%22https://ie-group.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210959489216%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214053199105709984977%22}&andc=true
Request Chain 95
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

110 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request rd-filev1.aspx
taimienphi.vn/
22 KB
12 KB
Document
General
Full URL
https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c717674b74e5a5388b8450155bd09479e5b9c60bf305019f303c9d974adfadba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
813b986decd44d76-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 10 Oct 2023 02:57:21 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
style1811.css
taimienphi.vn/css/
78 KB
21 KB
Stylesheet
General
Full URL
https://taimienphi.vn/css/style1811.css?ver=2304vcx16
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7ce0e27b6893412fce1f9f610cb125aca693664a3373adde8c111216bc4cc831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 05 Dec 2018 03:11:20 GMT
server
cloudflare
etag
W/"36dae031488cd41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
813b98702dea4d76-FRA
jquery-1.7.1.min.js
taimienphi.vn/js/
119 KB
43 KB
Script
General
Full URL
https://taimienphi.vn/js/jquery-1.7.1.min.js?ver=vx20230630
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b8c5880b9784e644d1c25a63675bdc78da75d96b81a684859ea78420f42e5051

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 30 Jun 2023 06:43:35 GMT
server
cloudflare
age
4188
etag
W/"833f7b311eabd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
813b98702dec4d76-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
148 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6672418683212757
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
622997dc26c10f5bb5ea272193b710b811eb376d3eeb31f3739b3df613c4e4ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://taimienphi.vn/
Origin
https://taimienphi.vn
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51246
x-xss-protection
0
server
cafe
etag
8457535277449200758
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 02:57:22 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 10 Oct 2023 01:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4062
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 10 Oct 2023 03:49:42 GMT
gtm.js
www.googletagmanager.com/
175 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQJGLTL
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/js/jquery-1.7.1.min.js?ver=vx20230630
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f3f599559874169d0d202225c1143bb890ba001a098dca6cc63f353c4a97979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64376
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 10 Oct 2023 02:57:24 GMT
logo_white.png
taimienphi.vn/images/
2 KB
2 KB
Image
General
Full URL
https://taimienphi.vn/images/logo_white.png
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ef63db9f1c59dfec696a4d34eb37640cf5702ef24a7290777b157f833188ae83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Mar 2017 09:43:39 GMT
server
cloudflare
etag
"6f4751c3aa9d21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
813b987d0cd84d76-FRA
content-length
2072
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/
389 KB
132 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6672418683212757&plah=taimienphi.vn
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6672418683212757
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee257b25208ad5648c1641d6274df7bb90bd6ad4714f777d93385876bd30f453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135178
x-xss-protection
0
server
cafe
etag
12311674968398602584
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 02:57:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 2E40
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6672418683212757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://taimienphi.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
44935
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 14:28:29 GMT
etag
2603938475786422795
expires
Mon, 23 Oct 2023 14:28:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
16 B
220 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1363209599&t=pageview&_s=1&dl=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&ul=en-us&de=UTF-8&dt=Download...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1249914334&gjid=151682342&cid=514937058.1696906644&tid=UA-43176024-1&_gid=1882495987.1696906644&_r=1&_slc=1&z=669074497
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6cd69aec192309026f2d9d421e57da0a5cd4d75d12c0b400ad349021b6d8ceca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://taimienphi.vn/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 02:57:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://taimienphi.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
344 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-43176024-1&cid=514937058.1696906644&jid=1249914334&gjid=151682342&_gid=1882495987.1696906644&_u=IEBAAEAAAAAAACAAI~&z=1052815866
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://taimienphi.vn/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 10 Oct 2023 02:57:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://taimienphi.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
230 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8VXM5J5M2Z&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a38e7ba0980adadae92f186c3323fdfe0fa1325a8993bac308a0629ea0a5edf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83566
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 10 Oct 2023 02:57:24 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQJGLTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 10 Oct 2023 01:51:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3946
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Tue, 10 Oct 2023 03:51:38 GMT
collect
region1.analytics.google.com/g/
0
252 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8VXM5J5M2Z&gtm=45je3a40&_p=1363209599&_gaz=1&cid=514937058.1696906644&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1696906644&sct=1&seg=0&dl=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&dt=Download...&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8VXM5J5M2Z&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 02:57:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://taimienphi.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8VXM5J5M2Z&cid=514937058.1696906644&gtm=45je3a40&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8VXM5J5M2Z&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 02:57:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://taimienphi.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8VXM5J5M2Z&cid=514937058.1696906644&gtm=45je3a40&aip=1&z=1195742251
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 02:57:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
393 B
603 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=taimienphi.vn&callback=_gfp_s_&client=ca-pub-6672418683212757
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6672418683212757&plah=taimienphi.vn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e82028c19a2e4dc5fba5358afcbaa180b6751fa01ef5034c1b82b86574afc4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2005
469 KB
78 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&adk=1812271804&adf=3025194257&lmt=1696899444&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644013&bpp=3&bdt=2077&idt=185&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1047673334885&frm=20&pv=2&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=203
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6672418683212757&plah=taimienphi.vn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fda248394edf0f4ad41f16481a5b4bc4baa5dde367e4c9e07b97d635413de709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://taimienphi.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
79826
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 02:57:24 GMT
expires
Tue, 10 Oct 2023 02:57:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 64F0
151 KB
44 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6672418683212757&plah=taimienphi.vn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8734d0edb046e282f584526ceb8198e6f9b38cac5eb738f87effed4fd50f22f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://taimienphi.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45159
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 02:57:24 GMT
expires
Tue, 10 Oct 2023 02:57:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A765
138 KB
45 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6672418683212757&plah=taimienphi.vn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecdd65b5309371d88e3ef2715640d0430b95146da570633338064c5d49f56cd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://taimienphi.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45905
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 02:57:24 GMT
expires
Tue, 10 Oct 2023 02:57:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1168173831&utmhn=taimienphi.vn&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downlo...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43176024-1&cid=514937058.1696906644&jid=543543393&_v=5.7.2&z=1168173831
35 B
113 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43176024-1&cid=514937058.1696906644&jid=543543393&_v=5.7.2&z=1168173831
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H2
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 10 Oct 2023 02:57:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 02:57:24 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43176024-1&cid=514937058.1696906644&jid=543543393&_v=5.7.2&z=1168173831
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
369
expires
Fri, 01 Jan 1990 00:00:00 GMT
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame 7564
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 08:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 08:22:16 GMT
e68f8ec74926968a541734be8897a625.js
www.gstatic.com/mysidia/ Frame 7564
36 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/e68f8ec74926968a541734be8897a625.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4755a52910466d3bd7b706550f76af98eeb94b7092368df86e6e0c914eff2756
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 09:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14678
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 09:22:31 GMT
ef1f6d24bef59513d7c49e9cf5bba5ca.js
www.gstatic.com/mysidia/ Frame 7564
22 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/ef1f6d24bef59513d7c49e9cf5bba5ca.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19aaa87c8184f65551d5c44d78d03aa8230d28c7c04d142f731f0fa129fd9cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 21:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9440
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 02 Jan 2024 21:11:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 7564
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
48037
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:36:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7564
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
2802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 02:10:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7564
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
48224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:33:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7564
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 02:57:24 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame 7564
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 10:17:18 GMT
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame A765
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 08:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 08:22:16 GMT
c068aa03e042373fde6c3960c7f33547.js
www.gstatic.com/mysidia/ Frame A765
12 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/c068aa03e042373fde6c3960c7f33547.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e04b0d057a78fa056468465ce0f3ac37a952f9f76844eb55d7c8acc28eb49b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 15:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5158
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 15:00:07 GMT
css
fonts.googleapis.com/ Frame A765
14 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Oct 2023 02:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:49:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Oct 2023 02:57:24 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame A765
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
48037
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:36:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame A765
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
2802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 02:10:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame A765
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
48224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:33:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A765
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 02:57:24 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame A765
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 10:17:18 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/
153 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6672418683212757&plah=taimienphi.vn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45ce7925d4807b6b959750be85406d3966627c98babda5bb245b745cbf43626d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53320
x-xss-protection
0
server
cafe
etag
14085602378745551004
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 02:57:24 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/ Frame F5EB
1021 B
2 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e68f8ec74926968a541734be8897a625.js?tag=html5_display_upload/html5_exit_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80919a52c7bcae7c35a30cbbac593052e319c1ce50b8b43eb379d65968ea49b1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
178142
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
460
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 01:28:22 GMT
expires
Mon, 07 Oct 2024 01:28:22 GMT
last-modified
Wed, 19 Jul 2023 09:53:28 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
truncated
/ Frame 7564
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d0d5323e6be03110e99412421f646d5459d0bec2dec96677dca80341fbae1cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A765
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 05:04:01 GMT
x-content-type-options
nosniff
age
251603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 05:04:01 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 7564
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CYyeplL0kZZ6gENGciM0P4P-a4A3dieSKc9mWlbr4EdTT4PuJPxABIPP3kCRglYKAgJgHoAGN6-akA8gBCakCDGksNTe6sT6oAwHIA0iqBO4CT9DjulJX4xqoYxcqwJX_mcK5iQSC90mjSsE...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223850719208178465294%22,%22debug_reporting%22:true,%22destination%22:%22https://everto-consulting.de%22,%22event_report_win...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223850719208178465294%22,%22debug_reporting%22:true,%22destination%22:%22https://everto-consulting.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22882488717%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229348427337117500737%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"3850719208178465294","debug_reporting":true,"destination":"https://everto-consulting.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["882488717"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"9348427337117500737"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 10 Oct 2023 02:57:25 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 10 Oct 2023 02:57:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3850719208178465294","debug_reporting":true,"destination":"https://everto-consulting.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["882488717"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"9348427337117500737"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F5EB
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:52:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
7501
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 11 Oct 2023 00:52:23 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F5EB
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
1721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 11 Oct 2023 02:28:43 GMT
style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/ Frame F5EB
1 KB
455 B
Stylesheet
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afc836875b045e5a0a9fa8c1dcdb5e07875dd256880012697dbc6339d4c663c1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 01:28:23 GMT
age
178141
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
425
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 09:53:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Oct 2024 01:28:23 GMT
gsap_3.11.5_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F5EB
70 KB
28 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.5_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27946
x-xss-protection
0
last-modified
Fri, 12 May 2023 16:06:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 02:57:25 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/javascripts/ Frame F5EB
2 KB
608 B
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/javascripts/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98634f4542a2d8be1835d32cb39cc89b9fe8f56d615d71f4d5eac938cea3bbb2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Oct 2023 05:50:12 GMT
age
421632
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
578
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 09:53:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Oct 2024 05:50:12 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4E40
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2946
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 02:08:18 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 1247
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6672418683212757&plah=taimienphi.vn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://taimienphi.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 14:53:59 GMT
etag
2603938475786422795
expires
Mon, 23 Oct 2023 14:53:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame FD9A
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6672418683212757&plah=taimienphi.vn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://taimienphi.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 14:53:59 GMT
etag
2603938475786422795
expires
Mon, 23 Oct 2023 14:53:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame F54E
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6672418683212757&plah=taimienphi.vn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://taimienphi.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 14:53:59 GMT
etag
2603938475786422795
expires
Mon, 23 Oct 2023 14:53:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A765
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4005f10b7061c9448c4d0ce21e1fc0d63a2a3e1fea230b80e05928f966e6981

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223850719208178465294%22,%22debug_reporting%22:true,%22destination%22:%22https://everto-consulting.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22882488717%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229348427337117500737%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 10 Oct 2023 02:57:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 1247
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
48038
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:36:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1247
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
2803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 02:10:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1247
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
48225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:33:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1247
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 02:57:25 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame 1247
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 10:17:18 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame FD9A
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
48038
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:36:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame FD9A
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
2803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 02:10:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame FD9A
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
48225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:33:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD9A
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 02:57:25 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame FD9A
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 10:17:18 GMT
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame F54E
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 08:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 08:22:16 GMT
c068aa03e042373fde6c3960c7f33547.js
www.gstatic.com/mysidia/ Frame F54E
12 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/c068aa03e042373fde6c3960c7f33547.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e04b0d057a78fa056468465ce0f3ac37a952f9f76844eb55d7c8acc28eb49b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 15:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5158
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 15:00:07 GMT
css
fonts.googleapis.com/ Frame F54E
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Oct 2023 02:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:35:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Oct 2023 02:57:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame F54E
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
48038
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:36:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F54E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
2803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 02:10:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F54E
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
48225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:33:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F54E
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 02:57:25 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame F54E
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 10:17:18 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame A765
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C5sBqlL0kZcnNEOuRiM0Ps6iJ8AHa8sGLc9_4t87gEaKUxJKNDhABIPP3kCRglQKgAaX81JApyAEBqQIMaSw1N7qxPqgDAcgDywSqBPECT9Cvc1lbrDQbE10pwV300eIAoguq1PPBtrgH9EZ...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225239222138553750505%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225239222138553750505%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040800293%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217564152830493999057%22}&andc=true
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"5239222138553750505","debug_reporting":true,"destination":"https://ignaly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040800293"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"17564152830493999057"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 10 Oct 2023 02:57:25 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5239222138553750505","debug_reporting":true,"destination":"https://ignaly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040800293"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"17564152830493999057"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4E40
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 02:57:25 GMT
expires
Tue, 10 Oct 2023 02:57:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 02:57:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame 609F
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=1522307210&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644017&bpp=1&bdt=2082&idt=212&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C355x280&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=689&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=EumWmrYPab&p=https%3A//taimienphi.vn&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
599455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:30 GMT
bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/ Frame F5EB
25 KB
25 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/bg.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c5ffc57e559688b05efe809d611a639b1eb6b656c428d2d597c0791a437fe93
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 04 Oct 2023 22:52:30 GMT
x-content-type-options
nosniff
age
446695
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25347
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 09:53:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Oct 2024 22:52:30 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/ Frame F5EB
8 KB
8 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10d594e896b1705299f2140cfd582b962a2479d6635c60c8ac94a2c33da429b9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 07 Oct 2023 23:08:30 GMT
x-content-type-options
nosniff
age
186535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 09:53:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Oct 2024 23:08:30 GMT
push01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/ Frame F5EB
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/push01.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19cbdac38e65ff1c29babb07453494b8b0fb3cd1e144f5a4c33b1536f648f30d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 07 Oct 2023 08:01:04 GMT
x-content-type-options
nosniff
age
240981
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6067
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 09:53:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Oct 2024 08:01:04 GMT
push02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/ Frame F5EB
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/push02.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
542f197219cbb043503310a960e6d026c39b0f601ab15542dada8ae446b31a16
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 05 Oct 2023 14:51:24 GMT
x-content-type-options
nosniff
age
389161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6475
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 09:53:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Oct 2024 14:51:24 GMT
push03.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/ Frame F5EB
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/push03.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe85224b0ca35dfb9db27c2f0e88c04a0507e125ae3576468e940c643b53c0b4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 07 Oct 2023 23:20:56 GMT
x-content-type-options
nosniff
age
185789
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6354
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 09:53:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Oct 2024 23:20:56 GMT
push04.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/ Frame F5EB
7 KB
7 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/push04.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee819f4b048893858e811e5e70be9045004424625c21150d828f084ec99abacf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 07 Oct 2023 23:20:56 GMT
x-content-type-options
nosniff
age
185789
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7344
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 09:53:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Oct 2024 23:20:56 GMT
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/ Frame F5EB
5 KB
5 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/images/cta.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16af94415ec50f0cb7a6410785a486a63076d8c0e61f87739ff079708f638b67
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12193473807406853457/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Oct 2023 22:32:04 GMT
x-content-type-options
nosniff
age
275121
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5041
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 09:53:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Oct 2024 22:32:04 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F54E
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 05:04:01 GMT
x-content-type-options
nosniff
age
251604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 05:04:01 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225239222138553750505%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040800293%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217564152830493999057%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 10 Oct 2023 02:57:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame 05DA
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6672418683212757&output=html&h=280&slotname=4214636972&adk=725759173&adf=2734771287&pi=t.ma~as.4214636972&w=355&fwrn=4&fwrnh=100&lmt=1696899444&rafmt=1&format=355x280&url=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696906644016&bpp=1&bdt=2081&idt=203&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1047673334885&frm=20&pv=1&ga_vid=514937058.1696906644&ga_sid=1696906644&ga_hid=1363209599&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078362%2C31078657%2C44798934%2C44801485%2C44804782&oid=2&pvsid=3713777110173505&tmod=800053067&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ACyIrb3ZyB&p=https%3A//taimienphi.vn&dtd=209
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
599455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:30 GMT
9457787900148380630
tpc.googlesyndication.com/daca_images/simgad/ Frame 1247
31 KB
31 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9457787900148380630?w=360&h=720
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
affc3a0461774fc2debf19f04d7d55f22c658fa0cf449db03f775d8c2a360d2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31791
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 00:15:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Oct 2023 02:57:25 GMT
truncated
/ Frame 1247
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b15bafaa668bf82ad3fdfac0dd83ec25f3a687d89567a26ff37c7b5a70bdb7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4906
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2947
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 02:08:18 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F54E
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5a5fed28ec87998ff6f1baacb7db5b71309faaa29e9dc2d8c1ea64dec14231d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame DFA6
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
599455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:30 GMT
12642906081841898305
tpc.googlesyndication.com/daca_images/simgad/ Frame FD9A
31 KB
31 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/12642906081841898305?w=360&h=720
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
159c45b03f508ef3cf648c26556c322726060e820a868d8b04f7d869abb2067b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31362
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 03:25:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Oct 2023 02:57:25 GMT
truncated
/ Frame FD9A
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
444ae837616a97e62f4288551253cdcc3ef4526366b0847c086a9bf8f847e30b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 1247
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CqQWclL0kZfXzD5OXiM0P5PCHmAnImdzEcrzJ86LEEabxhuOgAhABIPP3kCRglQKgAaOV_90DyAEBqQIMaSw1N7qxPqgDAcgDywSqBO0CT9AbeGrn071F_cWUC9dJhhAET8sr3N3XcFD10a3...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215699146521641964752%22,%22debug_reporting%22:true,%22destination%22:%22https://banner24.de%22,%22event_report_window%22:%...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215699146521641964752%22,%22debug_reporting%22:true,%22destination%22:%22https://banner24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221002424995%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214498186240828871185%22}&andc=true
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"15699146521641964752","debug_reporting":true,"destination":"https://banner24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1002424995"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"14498186240828871185"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 10 Oct 2023 02:57:25 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15699146521641964752","debug_reporting":true,"destination":"https://banner24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1002424995"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"14498186240828871185"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame 2245
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
599455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:30 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame FD9A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C1PJvlL0kZfbzD5OXiM0P5PCHmAnRp4zRb7_6udeEEqbxhuOgAhABIPP3kCRglQKgAbfZkaopyAEBqQIMaSw1N7qxPqgDAcgDywSqBP8CT9C6nPHHIKYRtqJaUpReww3HI8dQYgdYtoAZDZN...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22235494285151126711%22,%22debug_reporting%22:true,%22destination%22:%22https://simon-jager.com%22,%22event_report_window%22...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22235494285151126711%22,%22debug_reporting%22:true,%22destination%22:%22https://simon-jager.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211094224055%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228951991330002719025%22}&andc=true
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"235494285151126711","debug_reporting":true,"destination":"https://simon-jager.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11094224055"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"8951991330002719025"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 10 Oct 2023 02:57:25 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"235494285151126711","debug_reporting":true,"destination":"https://simon-jager.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11094224055"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"8951991330002719025"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame F5EB
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
599455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:30 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame F54E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CaLNzlL0kZffzD5OXiM0P5PCHmAm1w9aDcuj5ydbgEI_0kOPXAhABIPP3kCRglQKgAcCR8ukoyAEBqQIMaSw1N7qxPqgDAcgDywSqBIADT9AwcXnlduL6zwe9a4rHwvvZP9JXr6mK4Sd0Sf1...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229620960561269652561%22,%22debug_reporting%22:true,%22destination%22:%22https://ie-group.com%22,%22event_report_window%22:%...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229620960561269652561%22,%22debug_reporting%22:true,%22destination%22:%22https://ie-group.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210959489216%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214053199105709984977%22}&andc=true
Requested by
Host: taimienphi.vn
URL: https://taimienphi.vn/rd-filev1.aspx?s=1&sname=autocad&size=240%20mb&pid=st17076&xurl=https://www.autodesk.com/products/autocad/trial-intake
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"9620960561269652561","debug_reporting":true,"destination":"https://ie-group.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10959489216"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"14053199105709984977"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 10 Oct 2023 02:57:25 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9620960561269652561","debug_reporting":true,"destination":"https://ie-group.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10959489216"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"14053199105709984977"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4906
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 02:57:25 GMT
expires
Tue, 10 Oct 2023 02:57:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 02:57:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame 9D02
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
599455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:30 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215699146521641964752%22,%22debug_reporting%22:true,%22destination%22:%22https://banner24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221002424995%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214498186240828871185%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 10 Oct 2023 02:57:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22235494285151126711%22,%22debug_reporting%22:true,%22destination%22:%22https://simon-jager.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211094224055%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228951991330002719025%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 10 Oct 2023 02:57:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229620960561269652561%22,%22debug_reporting%22:true,%22destination%22:%22https://ie-group.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210959489216%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214053199105709984977%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 10 Oct 2023 02:57:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6672418683212757&plah=taimienphi.vn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50201b9453b430ad6693f98f5d573c40f72f8aaca5e440ffd7711c549ef0cab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12047
x-xss-protection
0
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1363209599&t=timing&_s=2&dl=https%3A%2F%2Ftaimienphi.vn%2Frd-filev1.aspx%3Fs%3D1%26sname%3Dautocad%26size%3D240%2520mb%26pid%3Dst17076%26xurl%3Dhttps%3A%2F%2Fwww.autodesk.com%2Fproducts%2Fautocad%2Ftrial-intake&ul=en-us&de=UTF-8&dt=Download...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4004&pdt=1&dns=18&rrt=1&srt=353&tcp=51&dit=2523&clt=2523&_gst=2478&_gbt=2559&_utma=73394838.514937058.1696906644.1696906644.1696906644.1&_utmz=73394838.1696906644.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1696906645526&_u=IEBCAEABAAAAACAAI~&jid=&gjid=&cid=514937058.1696906644&tid=UA-43176024-1&_gid=1882495987.1696906644&z=35484397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:06:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
10228
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6672418683212757&plah=taimienphi.vn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Oct 2023 02:57:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AD48
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://taimienphi.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2722
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 02:12:03 GMT
expires
Wed, 09 Oct 2024 02:12:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 432B
829 B
560 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a5bfa0cf51e1ab661b7b5604ef992953e0bd4f81c5c78ec97df8bfe4eef55d26
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9VXT22fspjbGt6-mF5ASJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://taimienphi.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9VXT22fspjbGt6-mF5ASJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 02:57:25 GMT
expires
Tue, 10 Oct 2023 02:57:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame AD48
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 19:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
27229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Oct 2024 19:23:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 432B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=3713777110173505&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame AD48
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?rq77Jw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 02:57:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7564
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOqjRYSJ8URUh0HmMi77BYi66XkdbYaQWlc4djqfes2OPeEZzx3P-26si7UCg_nomQ4uEICbcD7DCYRhKcxwGzRUrKRNinVcrqmdOpgUc1xeppHwJXNcDoVoJitZlk0dPU1EnlyCyqTcZI&sai=AMfl-YR8g240CXkl0GaUUFPgnHavSIpNSh3wTsf7kWuCeOzqg9w3vky7ojbzOeHb7m8ZU6orlsT9qBAokp80fkLNjwHESNbQIlw30PHYJH4iDspmLQPmOSZC_F-t8eI-Ox3tussY40qhkemrsmcw&sig=Cg0ArKJSzNUB7JEcdKEvEAE&cid=CAQSSwDICaaNjgC7LqXN4hKPUeQhFvoXxq-GyCNp98wm2cGKNS6RoI6VNBQdOKFW2aFWWYgqAg8zLGPJMfN3-ApEVrpWD0HJrtQWX20w_RgB&id=lidar2&mcvt=1001&p=0,0,280,336&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=725759173&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696906644735&rpt=221&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 02:57:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A765
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvigHU_i-T0iIhmxDM-bN6oU6gJiN9Cguwttb0JiPRCCCvUvJePcdNnHd6l2AK9CbRu47aEsBdKp-SmLQY8qsl-oxB0vPQJGa6avX8wi2aLaUU7r8P0_hY2Dif02ZlRQDJ9q_SH8JDAzGsQ&sai=AMfl-YTuPbjuiBfPJ_EWCrFKciMUc1dTNjCJIZIDu5pTlr2KHGS-QHx1-UFGth1GDH3sYApJJUYPoG4E0zJL_9VZJ9KcE4rebbcEqMraVzXIjRjeBninse2IPZAI6Vb47fBhWn1ZtsCo0-0HLKCQ&sig=Cg0ArKJSzH4gy1KjWBAiEAE&cid=CAQSSwDICaaNLpVGyveKG-1LMRFbjAIO8OqYElgiesguzDg59BuV2w4RAVSk7r_MpuzpZbK_Jy_mU8JgxJNjFQMtlVPx0b0o-HLwXrld-xgB&id=lidar2&mcvt=1000&p=0,0,280,355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=725759173&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696906644232&rpt=863&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 02:57:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=3713777110173505&bg=!5eal5qnNAAbjlzx0w5c7ADQBe5WfOECC2SXdDTtqije_3l-0be5tAYhsemRdM1tui8xD466-h0N1tC64d2TkLXskBXGwAgAAADtSAAAABWgBBwoACJDJgPy7mO6lmQLHtiWOYwLyjC18_u_X1t3Ct9qXs6WE16alRBg3OXbfh9oHbYdhLHUx60i6TI31T6O2J8aMR07-G24a28RSmQml4wvi3sL7XtLnagkjCIwBaUoj3YoO52RA1rPr14hHf5tO3mPSPi-1vXSftetFRy4McxSitIJkgvzE09nPEYVFiX8_GznjiusUdBNqqvDnssesE9H_71ZmokHFIjZMszCJzyKFFKG-bquvN4Mq8mcWi4NPrJPjk1X-W6j3aWUs70iXGeC_9SjxaQ9E_mBaCDrFEQN_pCKwNLEC342h3I6Hq74GnaUkCKO2x5l_HQ81QwgElE891RgT0Gdqcj4mZV-WlaTVhnNdUY2mwGUENnne7A25Y8mbHndEatfqKaZJwXIpUVJm2kL8FUTDfdM8ddw4CG4Q8flHv0t_7hojOQOQ17z8oRDCTSkN2B-UceCR4VHubrcR-d5O9X2SPUahU7zhxLIifPZgvWdVmBnf33gMwdPBuoX7nvBq5upoHMdwE2Hh0gQ6IWCMfD952oMMqTrhlrq4zxybyErFFDvRuAIC0Ig7uUtjxYE7ATwDczHLsFgvh5Hntxxb9mMznOInKM6LceZA43yTBWSKSr3G9tZMefjaPDjcNZjurvuQebX7txbGkg9806gIcX4vArVx6DY1Bay0as29mFJwPKcHrcwqNC6G-jQ5Orv-eomL-NTf9oNix0Bw3jDq1lJaZWheWjncmDIJEO6iBs23dTiPx4OSCRirxKaxADIOjnH5RsgwqhYSCDVvsSZ_PUacAxSI2QdAg42jwOirnbuh_T_O3epyYrhc2tehtHU6bUa4DRrAg_Q1lV8MNOaPRjQ_LaU2CCp-f8j0ZwLYQ_NMt2AJDqPdVjpGM13HTHZ1KzecIJaL901loEtcfOIhRd19DNu9nmedk3jU72e3GPdbD953951h1q12AQLqRQri
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://taimienphi.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 1247
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4aznj9O7PYP-5qK9jHTGxR29m55kSAddh4ej13qG3B8JW7gvRie99s7-YSuM18J6WsD2AK5AhxvDZQKwlh_UDpjEDnFfd6XOW2c2MhRpCeyC2-IfcT2eTsFEmM84IKsaFem0zWD-HXUrH&sai=AMfl-YRejCa94KYEZK8GT0Yy6311I4ofWSGrzGYa9tjeMBHJAu7SpO5aeWJYH7ifIQDb0rdwimlCfGqWKkzRe3MnGgUdymxu2M6d-RMhY2J9G52KZw_VKnRvpjh__FjfV5WpVpHmOVPU2unWE1bXNA&sig=Cg0ArKJSzP-yzXbqk2LYEAE&cid=CAQSTADICaaNvoBlvXuQPnlUCx2mbrU9IIUThZ3kKxkmHYEjQA8KKT5Iy99ykldfdbbc1UxV7O2NRESyLRDB0ml3Bi96cy6G-kO6xGC9HksYAQ&id=lidar2&mcvt=1000&p=-50,0,450,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696906644979&rpt=224&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 02:57:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FD9A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXeVe_S-CHREynLoATr5aEc4nU9Pqt-2DyvYLRwo3S7v2KOuzfFbQyFGJkH1v7TN9ut_b2t0z7pkw-PkiRXCmnLmSuqwP3ZTxQUn-0k_PL1PGxE6NoKBRWmwh06jDLHLwLmcqcj20kk_IQ&sai=AMfl-YRGmyXNvhydsBz8sFx3WKZYt707CJRuo8U0RZSBECVy1Jah4cqihWKYlQt77DE8VURo9p2DFTN_narw0W_YJY6FIPi0B75NR5mvwKQfYM0btf3gNaG-x9xdEfitWI5dryPUxUcvWD_KCbUn-g&sig=Cg0ArKJSzNZJX1jZDO75EAE&cid=CAQSTADICaaNvoBlvXuQPnlUCx2mbrU9IIUThZ3kKxkmHYEjQA8KKT5Iy99ykldfdbbc1UxV7O2NRESyLRDB0ml3Bi96cy6G-kO6xGC9HksYAQ&id=lidar2&mcvt=1000&p=-50,0,450,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696906644982&rpt=293&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 02:57:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F54E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskptiyDI3lcGE3plN-EqNXjq5JeqlbNxdaBNVcY1qIIYXexrfuPi-zGGZQbOFgLqkzS5ZEk0mNd-t6w1VCzz5hn9jJuyRH6ccffoJNjL12J8si63WYnQe0OCBjkVaKOf2bOtGnPr346nzm&sai=AMfl-YQLt5t059LlJkkLBK8CLNbgpzvNJggCFLDSmfiSY5DZegsXpSajNRUsVoI4WTZpZojEzkQlboW64dSu9yVdAJPYoaBUk0bOUTlHZdq5OVDOmZ-6OT6WkXpD-jKkOXHpVuzb6FZ0ylA6MstigQ&sig=Cg0ArKJSzGqFmxzvWnIzEAE&cid=CAQSTADICaaNvoBlvXuQPnlUCx2mbrU9IIUThZ3kKxkmHYEjQA8KKT5Iy99ykldfdbbc1UxV7O2NRESyLRDB0ml3Bi96cy6G-kO6xGC9HksYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=121,804,1000,1051,1051&tos=121,683,196,51,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696906644983&rpt=359&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 02:57:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 string| GoogleAnalyticsObject function| ga string| cnam function| onimgerr function| setCookie function| setCookieWt function| getCookie function| sortNumber function| setpri function| replacedowndm function| dosearch function| ShowRank function| recievemsg function| ProcessLink function| GoNextUrl function| afsh function| px function| CheckShowNotify function| ShowNotifer function| bx function| bscr function| AddMinsCurrentDate function| x function| getRandomInt function| loadjscssfile function| CorrectUrl function| ProL function| RepUrl function| shuffle function| letgo function| loadxurl function| ismobile function| AddGADS function| setdlsv function| addl function| addimg function| ChangeTextLink function| GetOsName function| loadFaceAPI function| getlinkgg function| showlinkgg number| iscall string| domain undefined| formid string| afolder string| fexten string| prs string| drv string| xdown string| pridomain string| adm string| aflk string| afdm string| afst string| pro string| lsi boolean| isafok string| xctck number| errcount boolean| changeText boolean| islog string| cfiledomain boolean| mup number| lnkP string| catname object| intervalIds number| retry string| xldomain number| tindex number| fbcmd function| $ function| jQuery object| jQuery17106202213686966052 object| dataLayer object| adsbygoogle string| link number| count number| autoGo number| externallink number| iframe string| hiframe string| note string| rel string| pid number| counter number| counted function| timer function| setlink function| logclick string| imgtai string| chuan function| preload object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| _gaq object| googletag function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _gat object| google_llp number| c_start object| GoogleGcLKhOms object| google_image_requests

17 Cookies

Domain/Path Name / Value
taimienphi.vn/ Name: ASP.NET_SessionId
Value: xdld3v5vc0k01eeoxb20zwk2
taimienphi.vn/ Name: rating
Value: undefined
taimienphi.vn/ Name: fid
Value: undefined
.taimienphi.vn/ Name: _gid
Value: GA1.2.1882495987.1696906644
.taimienphi.vn/ Name: _gat
Value: 1
.taimienphi.vn/ Name: _ga
Value: GA1.1.514937058.1696906644
.taimienphi.vn/ Name: __utma
Value: 73394838.514937058.1696906644.1696906644.1696906644.1
.taimienphi.vn/ Name: __utmc
Value: 73394838
.taimienphi.vn/ Name: __utmz
Value: 73394838.1696906644.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.taimienphi.vn/ Name: __utmt_UA-43176024-1
Value: 1
.taimienphi.vn/ Name: __utmb
Value: 73394838.1.10.1696906644
.taimienphi.vn/ Name: __gads
Value: ID=5ff37c85062b7123:T=1696906644:RT=1696906644:S=ALNI_MY3l89RbiuFg1Ni7WuQfWhbPdihXA
.taimienphi.vn/ Name: __gpi
Value: UID=00000c934ea434c6:T=1696906644:RT=1696906644:S=ALNI_MYdTrmccrbwshg_1MaR-yDS7o2pqA
.doubleclick.net/ Name: IDE
Value: AHWqTUmi7J7ZRxrYfnPW5KB2-Kwxka50qwoIdHY51Hl-pOLi0sb4IoKhm-VF--Rndek
.doubleclick.net/ Name: DSID
Value: NO_DATA
.taimienphi.vn/ Name: _ga_8VXM5J5M2Z
Value: GS1.1.1696906644.1.0.1696906645.59.0.0
.googleadservices.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.analytics.google.com
s0.2mdn.net
ssl.google-analytics.com
stats.g.doubleclick.net
taimienphi.vn
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.186.98
2001:4860:4802:34::36
2606:4700:10::6816:30a5
2a00:1450:4001:800::200a
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9c
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
10d594e896b1705299f2140cfd582b962a2479d6635c60c8ac94a2c33da429b9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
159c45b03f508ef3cf648c26556c322726060e820a868d8b04f7d869abb2067b
16af94415ec50f0cb7a6410785a486a63076d8c0e61f87739ff079708f638b67
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19aaa87c8184f65551d5c44d78d03aa8230d28c7c04d142f731f0fa129fd9cdb
19cbdac38e65ff1c29babb07453494b8b0fb3cd1e144f5a4c33b1536f648f30d
1d0d5323e6be03110e99412421f646d5459d0bec2dec96677dca80341fbae1cf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
444ae837616a97e62f4288551253cdcc3ef4526366b0847c086a9bf8f847e30b
45ce7925d4807b6b959750be85406d3966627c98babda5bb245b745cbf43626d
4755a52910466d3bd7b706550f76af98eeb94b7092368df86e6e0c914eff2756
50201b9453b430ad6693f98f5d573c40f72f8aaca5e440ffd7711c549ef0cab8
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
542f197219cbb043503310a960e6d026c39b0f601ab15542dada8ae446b31a16
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5f3f599559874169d0d202225c1143bb890ba001a098dca6cc63f353c4a97979
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
622997dc26c10f5bb5ea272193b710b811eb376d3eeb31f3739b3df613c4e4ef
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5ffc57e559688b05efe809d611a639b1eb6b656c428d2d597c0791a437fe93
6cd69aec192309026f2d9d421e57da0a5cd4d75d12c0b400ad349021b6d8ceca
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7a38e7ba0980adadae92f186c3323fdfe0fa1325a8993bac308a0629ea0a5edf
7ce0e27b6893412fce1f9f610cb125aca693664a3373adde8c111216bc4cc831
80919a52c7bcae7c35a30cbbac593052e319c1ce50b8b43eb379d65968ea49b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8734d0edb046e282f584526ceb8198e6f9b38cac5eb738f87effed4fd50f22f1
8e82028c19a2e4dc5fba5358afcbaa180b6751fa01ef5034c1b82b86574afc4c
98634f4542a2d8be1835d32cb39cc89b9fe8f56d615d71f4d5eac938cea3bbb2
a5bfa0cf51e1ab661b7b5604ef992953e0bd4f81c5c78ec97df8bfe4eef55d26
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
afc836875b045e5a0a9fa8c1dcdb5e07875dd256880012697dbc6339d4c663c1
affc3a0461774fc2debf19f04d7d55f22c658fa0cf449db03f775d8c2a360d2f
b15bafaa668bf82ad3fdfac0dd83ec25f3a687d89567a26ff37c7b5a70bdb7eb
b5a5fed28ec87998ff6f1baacb7db5b71309faaa29e9dc2d8c1ea64dec14231d
b8c5880b9784e644d1c25a63675bdc78da75d96b81a684859ea78420f42e5051
c717674b74e5a5388b8450155bd09479e5b9c60bf305019f303c9d974adfadba
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e04b0d057a78fa056468465ce0f3ac37a952f9f76844eb55d7c8acc28eb49b9a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
ecdd65b5309371d88e3ef2715640d0430b95146da570633338064c5d49f56cd3
ee257b25208ad5648c1641d6274df7bb90bd6ad4714f777d93385876bd30f453
ee819f4b048893858e811e5e70be9045004424625c21150d828f084ec99abacf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef63db9f1c59dfec696a4d34eb37640cf5702ef24a7290777b157f833188ae83
f4005f10b7061c9448c4d0ce21e1fc0d63a2a3e1fea230b80e05928f966e6981
fda248394edf0f4ad41f16481a5b4bc4baa5dde367e4c9e07b97d635413de709
fe85224b0ca35dfb9db27c2f0e88c04a0507e125ae3576468e940c643b53c0b4
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48