daophatmuonmau.com Open in urlscan Pro
2606:4700:3033::ac43:bc47 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://daophatmuonmau.com/
Submission: On November 17 via api (November 17th 2023, 11:22:57 pm UTC) from US — Scanned from US

Summary HTTP 114 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 19 domains to perform 114 HTTP transactions. The main IP is 2606:4700:3033::ac43:bc47, located in United States and belongs to CLOUDFLARENET, US. The main domain is daophatmuonmau.com.
TLS certificate: Issued by E1 on November 16th 2023. Valid for: 3 months.

This is the only time daophatmuonmau.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700:303... 2606:4700:3033::ac43:bc47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c1b::9c	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
2 11	2607:f8b0:400... 2607:f8b0:4004:c17::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::66	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1d::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
4	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
6	23.60.4.23 23.60.4.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.205.76.21 23.205.76.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::69	15169 (GOOGLE) (GOOGLE)
1	23.40.207.176 23.40.207.176	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.208.68.24 23.208.68.24	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.216.84.23 23.216.84.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.12.144.32 23.12.144.32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	2606:ae80:145... 2606:ae80:1451:22::730	25751 (VALUECLICK) (VALUECLICK)
1 9	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
2 2	52.23.71.199 52.23.71.199	14618 (AMAZON-AES) (AMAZON-AES)
1 1	204.2.226.29 204.2.226.29	2914 (NTT-LTD-2914) (NTT-LTD-2914)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	20.253.86.149 20.253.86.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a01:63f1:bb10:b854:7d73	14618 (AMAZON-AES) (AMAZON-AES)
1 1	51.222.239.230 51.222.239.230	16276 (OVH) (OVH)
114	20

32 2606:4700:3033::ac43:bc47 (United States)

ASN13335 (CLOUDFLARENET, US)

daophatmuonmau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c17::9b (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::66 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1d::9d (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.60.4.23 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-4-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.76.21 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-76-21.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::69 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.207.176 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-207-176.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.208.68.24 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-68-24.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.216.84.23 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-84-23.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.12.144.32 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-12-144-32.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:22::730 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.253.63.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.23.71.199 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-71-199.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.2.226.29 (Springfield, United States) 1 redirects

ASN2914 (NTT-LTD-2914, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.253.86.149 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a01:63f1:bb10:b854:7d73 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.239.230 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	daophatmuonmau.com daophatmuonmau.com	948 KB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	437 KB
20	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	127 KB
12	media.net contextual.media.net — Cisco Umbrella Rank: 691 warp.media.net — Cisco Umbrella Rank: 2821 lg3.media.net — Cisco Umbrella Rank: 7529 hblg.media.net — Cisco Umbrella Rank: 2223 cs.media.net — Cisco Umbrella Rank: 1513	163 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	143 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	191 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	922 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	981 B
2	akamaihd.net pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 22538 qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2166	43 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	441 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	760 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 2875	508 B
1	mxptint.net 1 redirects aep.mxptint.net — Cisco Umbrella Rank: 5755	785 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	78 KB
114	19

	Domain	Requested by
32	daophatmuonmau.com	daophatmuonmau.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	daophatmuonmau.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	cm.g.doubleclick.net	1 redirects daophatmuonmau.com googleads.g.doubleclick.net
6	contextual.media.net	googleads.g.doubleclick.net contextual.media.net
5	fonts.gstatic.com	fonts.googleapis.com
4	www.googleadservices.com	daophatmuonmau.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	daophatmuonmau.com googleads.g.doubleclick.net
2	match.adsrvr.org	2 redirects
2	pm.w55c.net	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	hblg.media.net	googleads.g.doubleclick.net
2	lg3.media.net	googleads.g.doubleclick.net contextual.media.net
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.gstatic.com	googleads.g.doubleclick.net
1	cs.media.net	contextual.media.net
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	aep.mxptint.net	1 redirects
1	qsearch-a.akamaihd.net	googleads.g.doubleclick.net
1	pxlclnmdecom-a.akamaihd.net	contextual.media.net
1	warp.media.net	googleads.g.doubleclick.net
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	daophatmuonmau.com
114	27

This site contains links to these domains. Also see Links.

Domain
localhost
xn--kim
facebook.com
twitter.com
linkedin.com
instagram.com
pinterest.com
youtube.com
truyenxuatichcu.com
www.prodesigns.com

Subject Issuer	Validity	Valid
daophatmuonmau.com E1	`2023-11-16` - `2024-02-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://daophatmuonmau.com/
Frame ID: EC4800A5B02209FCFC29E047BDB19DA4
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: B3CCD241CB944AFFA0445BCCE1A6C447
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&adk=1812271804&adf=3025194257&lmt=1700263368&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263368562&bpp=14&bdt=1068&idt=224&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5801919852783&frm=20&pv=2&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=246
Frame ID: B546BE51FF33706110C80CEB583CD7BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.854259100~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700263368&rafmt=1&to=qs&pwprc=2371705645&format=1200x280&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263368576&bpp=2&bdt=1083&idt=241&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243
Frame ID: 1914DFEDF54B97AD2BFB2CDDA917B37D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=280&adk=689553242&adf=532061071&pi=t.aa~a.1827426750~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x280&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=1&bdt=1843&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Frame ID: D12FB4C228582EC7F8A4CA74198DA0E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=280&adk=689553242&adf=2967877387&pi=t.aa~a.2937676140~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x280&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=1&bdt=1842&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C750x280&nras=4&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=16
Frame ID: B03C7D8FD6A72909BACF1542C25C582F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=250&adk=2763956873&adf=2145266986&pi=t.aa~a.2704198891~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x250&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=2&bdt=1842&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C750x280%2C750x280&nras=5&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Frame ID: F4C50B7E89AA9CF2AB2B5DB0C9D6EF89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=90&adk=3943097682&adf=1959283240&pi=t.aa~a.3008615530~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x90&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=1&bdt=1842&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C750x280%2C750x280%2C750x250&nras=6&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Frame ID: F4DEE5DC80BC384086E9A176AD679AFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 59FD6BC62AADBC3502DFE1A88E1D8D8D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 40ABA174EA14C4BD0931E7B321062972
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 484AD6F205966EF02DD6125909FF84B3
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Frame ID: 16EDF877F0754B775A3250A9AAFF7034
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3287&&kkdd=nA%7CW%7Cuhn3*9AH&93=0Zk&U9=z0rrZKqqK*kIrZ**KqE&1Td(=r&hBdO=r&WTU=zzzE&yBWF=bqZr&W9T=kfp0J00zt&WdWT=JWj18vli~etlSz~~V((eW3%3D%3D&W(9T=EqKKkkEII&B9oF=0Zkv*r&WW=pA&BW=cw&WnHh=CmQ6ucw&d9T=kDuQI5!0c&yd9T=7eEIKA*&nyydB=z&(((=yoQVnbWxVb~JuOXW(UUvHf!W9pTdY*jLlawA!SOAB~m%3D&HBF=E&x3=z&i1T=I&OTyz=kfpp*eakC&OTyZ=kq*ZkkKIq&XTOyO=BTZ%3DHixxR9i(x~x%3DzrR81F(dh%3Dr_rERT8h~X%3Dr_EqRBWT%3DHSR(OF%3Dr%2CrRT8h~x%3DZrRUxZ(~BT%3DZrZqzzz0zqR9i(x~X%3Dk*z_zZRi(x~y4W%3DrRi(x~(ZO~X%3DrRByT%3Dq*Iqr*0KkZRhH~XFn~X88By%3Dr_kkR(Oy%3Dr_rrr%2CrR9d%3Dz*eI7DOXdf429zUfLXpEoZRGXX%3DzERXn~9h%3DqER(99diO%3DEk%2CEkR(W%3DzRhy9T%3DDurrrrzZR(9Bi9T%3Dr%2CrR(dB~BT%3DZrZqzzz0zKR(OTU%3Dr_rrr%2CrRi(x~X%3Dz_rkRUxZ(~i(x~X%3DrRi(x~x%3DzrRBxU%3DZq_kER1WOy%3DVzRXX%3Dz*KRF(dh%3Dr_rERUxZ(~i(x~4W%3DrtrRdB9~W%3Dzz%2Cq%2Cr%2Cr%2Cr%2CI%2Cr%2CzRXh%3DzRdB9~T%3Dzkk0R(4F%3Dr%2CrROqd~X%3DZ_00%2CzzK_kKRBT%3DzRi9T%3Dqq*k1YtbIoHau2y*C5RWUxZ(~X%3Dz_zRXyT%3Dqr0***zrIEIZkkkkEIrr*r*kKrE*K0z*ZI*qkErzq0kkZZ*rzqkI*IEzkKEKIr*KZzZzqK000K0rE0kkz000KZk0rIEKEqzZzrzz0zZRi9h%3DrR(4y%3Dr_rrr%2CrR81TZd~X%3Dr_*ERBB%3DcmRWW%3DpARi93%3DVzRWF%3DrR(WU%3DIq_IZRfL%3DqrIER4X~iW%3DVZRHyB%3DzR4X~WW4B%3DVZRWy%3DXiGGOx8RXBB~g7!%3Dcm%2CcmRXOB9BZ%3Dz*KRXOB9Bz%3Dz*KRXn~BT%3DZrZqzzz0rzRTW%3DkRUxZ(~X%3DZ_00RU3~FvW%3Dr_ZZRU9B~BT%3DIz*Ri(x~(dB~X%3DzI_*KRXn~W8%3DrRTWZ%3DzRU~OBH%3DZrZ0kRxOBy%3DRWU81%3Dz_zRU9B~i(x~X%3Dr_EIRUxZ(~9~BT%3DZrZqzzz0r*RU9B~i(x~x%3DrRFy%3DZqRUxZ(~9~X%3Dr_rzRU9B~X%3DzKI_qzRUxZ(~i(x~U9%3DztVzKRi(x~yU9%3DrRUU%3DrRWUxZ(~BT%3DIZzR(GU%3DIq_IZRxZ(~X%3DzrrrR(OTd%3Dr_rrr%2CrRB9T%3DEqKKkkEIIRi(x~(dB~4W%3DrRU3i%3Dr_ZZRTZd~x%3DzrRWUxZ%3Dz_zRqdWG%3Dzrrr_EzRThh~By(1%3DnO(h8HSRTZd~X%3Dr_*ER(dB~X%3DzzK_kKRi(x~B(dB~X%3DzI_*KR(43d%3Dr_rrr%2CrR(43T%3Dr_rrr%2CrR9BQFG%3DrR9B9G%3DrRi(x~(dW~X%3DrRX9T%3Dr_rERi(x~(dB~(U%3DrRWXTd%3Dr_rzZRBT%3DzR9ySdF~9T%3Dz0RBFxxF(~yO1~9T%3Dq*Iqr*0KkZRBiddxS~yO1~9T%3DRTFyFWyFT~yO1~9T%3DRU9F3OX9x9yS%3Dr_ZZRd8B%3DqROW~ySdF%3DzROTXx4%3Dq*Iqr*0KkZROhd%3DzR81X9T%3Dr_rErRXGx(%3Dr_rzrRBi9T%3DfmtAtl53lz.6y9t~WW(22X(duiBRTyW%3D3FBy~8(RThh~F(dh%3DGOxBFRThh%3DnO(h8HSRXTdWOdT%3DrRTOx1%3DiH9B8HZKRB1hy%3Dx8H1~yO9x~n8hFdO1F~WOyWnOxxRB8Xd%3DRv9T%3Dm.YVdiXVzKEKKzIkKqEz00EqRnyhx%3DzRTWiy%3D0ERT81X%3DrVzRFWd~iBFT%3DjzrRFWd~drE%3Dr_rZRFWd~dzr%3Dr_rq0*k*EKk0KIIKIkZKRFWd~dzE%3Dr_rKE0*qEI0qEZK*IzKRFWd~dZr%3Dr_zrrkEIKIqIzKIK0kqRFWd~dZE%3Dr_zIz*IIEKzKKI00KIqRFWd~dqr%3Dr_z*ZIkzKEZ*zKKI0q0RFWd~dqE%3Dr_q0r00zkqzZEqzKqzRFWd~dIr%3Dr_IzzI0KqzIZqrKqIKRFWd~dIE%3Dr_IE*rZKZKIZKqZrqzIRFWd~dEr%3Dr_Ez0IKIrqkkrzIIEKRFWd~dEE%3Dr_Ek0Ekzr0*zqIZ0ERFWd~dKr%3Dr_KEZ0KzE**Ekkzzr*RFWd~dKE%3Dr_0IzIIrq0EIz0KK*qRFWd~d0r%3Dr_*IrKZIZk0qIqkrEqRFWd~d0E%3Dz_rEk0IrrqKK*rEkZIRFWd~dkr%3Dz_ZZIqrZ0*kzrrkzIERFWd~dkE%3Dz_KrqIIqZr*K**KKk0RFWd~d*r%3DZ_qzE0KKrKk**z*IqRFWd~d*E%3Dq_0rrKkkEKzz0zkkRFWd~d**%3D*_Z*rZZZrkzrEzKK0R9XW%3DzRHBo%3DzRy1B%3D0Zkv*rRXBX%3DrRXBd%3DrRyhv%3DZzE&HyU=r&hhh=iY8BcGL.jt4%3D&9HLG(=z&XT(LT=IKr&X9T=qI*rKk&hWG=K0zz*&STBd(=z&XOF=lvFF1I%2FOIO&4Oyd(F=z&WOT8hO9H=yoQVnbWxVbVCAncIZViiGTHEuYnZ9frcKjTqZSILAW25uC2~4S28o1%3D%3D&Sdxd=z&9B9T=E&OTU=LHUFBy8(%20a8WiB&BBhW(~UF(=E&d19T=dzz*rK000*IzyZrZqzzz0ZqZZ&BBxT=%7B%22BB9d%22%3A%22ZKrZ%3AGGWk%3ArrrZ%3Arrrr%3Arrrr%3Arrrr%3Arrrr%3Arrrr%22%2C%22BBWW%22%3A%22pA%22%2C%22BBBW%22%3A%22cw%22%2C%22BBWyS%22%3A%22liGGOx8%22%7D&nyhxB(W=z&sflct=3761804&ure=1
Frame ID: 569A606D5CB9CC772BB063D048E7B45C
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 1EC1ADE69628C3B3C039B27D087B5AE7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6082E8E7A28A28E834DF39E9043DACD0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0721B086FB2552087C7EB86271033165
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C8DD3DCFF0FA0F9897FFF53D51A837EF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Đạo Phật muôn màu - "Tin là căn bản của sự thành công, và là nguồn gốc của muôn hạnh lành"

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

114
Requests

90 %
HTTPS

50 %
IPv6

19
Domains

27
Subdomains

20
IPs

2
Countries

2134 kB
Transfer

4465 kB
Size

16
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://localhost/daophatmuonmau
Title: admin

Search URL Search Domain Scan URL

URL: http://xn--kim%20hng-hn7d/
Title: Nguyễn Thị Kim Hồng

Search URL Search Domain Scan URL

URL: https://facebook.com/TruyenXuaTichCu
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/TruyenXuaTichCu
Title: twitter

Search URL Search Domain Scan URL

URL: http://linkedin.com/TruyenXuaTichCu
Title: linkedin

Search URL Search Domain Scan URL

URL: https://instagram.com/TruyenXuaTichCu
Title: instagram

Search URL Search Domain Scan URL

URL: https://pinterest.com/TruyenXuaTichCu
Title: pinterest

Search URL Search Domain Scan URL

URL: https://youtube.com/
Title: youtube

Search URL Search Domain Scan URL

URL: http://truyenxuatichcu.com/truyen-co-nha-phat
Title: Truyện cổ nhà Phật

Search URL Search Domain Scan URL

URL: https://www.prodesigns.com/
Title: ProDesigns

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://googleads.g.doubleclick.net/pagead/adview?ai=CLQc9yPVXZaDUNfrzkPIP8qevwArXsZGVdPDxgKy0Ep3dxOz4ChABIOfyj09gye6Oi8CkjBCgAd678YwpyAEJqQJefDmLwkCyPqgDAcgDywSqBP4BT9B-SHqwtHff76iSycTk2zWPXtkB8ejdUeDBsybEuiO_vjZcYY-rCDxnwHHXDqqLhC9h3b_Mrwaik0esGa1YUEOYbtc_FXq4-YZniM-GSSrqRlAyXF7UGmRVn2UPaDqa8gFjmm5O9nbiquzqq7rLEXz5BDulULSJypzZZsnN2ckHi5f5meLuETGHzs6q-lvnatf-gjSgPMZllUrsTUeKbJyL_qZx3ucUkHSatEqoiSUsAeY7zW7zumRdMPugZdjqGhKNetKFQvTOkDreVGfewOd7Hjie7DUpCl18_2eyCIadwU6gZQ0nbrU5_wS7DG0YCiZr6e8LJkrJ4kTeLw3ABNGlpf2_BIgFvO2jo02SBQQIBBgBkgUECAUYBKAGLoAH3vPB7AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCrgArSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJF2h0dHBzOi8vc2hvZmFzdC5jb20vZHNygAoByAsBogwQKg4KDOS0sQLutbECtbixAtoMEAoKENDWw9n4n573VRICAQPYEw3QFQGAFwGyFxwKGggAEhRwdWItMTY1NjYxNDg2MzUxNzc1MxgA&sigh=XOCdinlHA6Y&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNx8MfUDt0dospAa_rFiXlmbEvtYF2c76bBz9CAjeDPTJDzBJ2rtqVK2kiPUlBeWYx0KtNhnKEVvDMy0y1Ja21MG46cQ5-sL1lWgMYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x754ce41777d287810000000000000000%22,%222%22:%220xdc976823d0d110520000000000000000%22,%223%22:%220x435e4432aeb459ed0000000000000000%22,%224%22:%220x8b03cab370512b670000000000000000%22,%225%22:%220x4402ece70e80c95b0000000000000000%22},%22debug_key%22:%2211112569740032756195%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211032878558%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212607546584841051489%22}&andc=true

Request Chain 62

https://googleads.g.doubleclick.net/pagead/adview?ai=CTneEyPVXZbqxNff0kPIP9sOiiA7XsZGVdPDxgKy0EpiS-IezAhABIOfyj09gye6Oi8CkjBCgAd678YwpyAEJqQLX3YNie0yyPqgDAcgDy4SAgASqBP4BT9BzxmWvblfPL-IdUfhP6gxDd1-tvoFE28JhH-O6pKkMAf0BkKs46bMnHlbBU4Wze3ZmDvy-T8hMINVfS_IGtDwWBAVWJ53wMPO5XhuENZwNzrS4o4qj4NWabK9ErondTT0ztzff1UiBbLHDH3JdQvmceuBmutY8U3RG1invM_GaFOpsbdyOcRmDYsUSQe_J5yCff16LuCDPuxDcU-UHrYQkwuZ0Wh6hMXqdev5XiUJElL7awh490e3eZlUSUdz342G1pRwGw74RzsNXZKWMDfUILzcxWAXPErUGpfmG0xC3yWfeJ0hrQYzDtm1lptoQnoEnsc6OQ4Oy7R228oDABNGlpf2_BIgFvO2jo02SBQQIBBgBkgUECAUYBKAGLoAH3vPB7AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCP_QLSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJF2h0dHBzOi8vc2hvZmFzdC5jb20vZHNygAoByAsBogwQKg4KDOS0sQLutbECtbixAtoMEAoKENDCl6yvmLrGBBICAQO4E-QD2BMN0BUBgBcBshccChoIABIUcHViLTE2NTY2MTQ4NjM1MTc3NTMYAA&sigh=oNhi7R7-z10&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNuHuuYEZoLWD--lOgV5JAz06n-4Fer7vBHv0Nguif4AHXs30wr7LYelpky6yYHfGg0enDjYnMMoXPN97vP36hHSwo0BSA9EV6RwAYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x754ce41777d287810000000000000000%22,%222%22:%220xdc976823d0d110520000000000000000%22,%223%22:%220x435e4432aeb459ed0000000000000000%22,%224%22:%220x8b03cab370512b670000000000000000%22,%225%22:%220x4402ece70e80c95b0000000000000000%22},%22debug_key%22:%2211603646508350016701%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211032878558%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22321554163718191601%22}&andc=true

Request Chain 94

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEASLJvDD76Awb5eW2_NZ92s&google_cver=1&google_push=AXcoOmT78aOO6-IdvCOK5086IIGNKR-bdAvAZjR_wp-6IT-xouoPdRXOchkF0siJ8abAdmqtVcIKWnS9TfbeDC4ADB-ye4QGIPjNybDpkQO-z_bCMlrf1YHNSOEcBrcLk0jzNhLVaw-9BPxGf_j9HldUJJIbnw HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=25efafa2eff21065&is_secure=true&networkId=14000&version=1&google_gid=CAESEASLJvDD76Awb5eW2_NZ92s&google_cver=1&google_push=AXcoOmT78aOO6-IdvCOK5086IIGNKR-bdAvAZjR_wp-6IT-xouoPdRXOchkF0siJ8abAdmqtVcIKWnS9TfbeDC4ADB-ye4QGIPjNybDpkQO-z_bCMlrf1YHNSOEcBrcLk0jzNhLVaw-9BPxGf_j9HldUJJIbnw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGTgYYOGt3cQMXayhVAAAAAAA&expiration=1700349770&google_cver=1&is_secure=true&google_gid=CAESEASLJvDD76Awb5eW2_NZ92s&google_push=AXcoOmT78aOO6-IdvCOK5086IIGNKR-bdAvAZjR_wp-6IT-xouoPdRXOchkF0siJ8abAdmqtVcIKWnS9TfbeDC4ADB-ye4QGIPjNybDpkQO-z_bCMlrf1YHNSOEcBrcLk0jzNhLVaw-9BPxGf_j9HldUJJIbnw

Request Chain 95

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKIexVyevHYocIzAoM_81MU&google_cver=1&google_push=AXcoOmSyw93eqKoFErXISkuSmTCgb2elZnLKjWUTeL2huu9IIj2Al0vNGwfvbklaYPHf99Eu6NMyAWIrgKZTlSxU1eDD3s-eURdMtEMfJSDu7YnWUj9b162cw9CaRQ4SDHfZpcotSRHUfi9MES7pV_5WsHe64A HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKIexVyevHYocIzAoM_81MU&google_cver=1&google_push=AXcoOmSyw93eqKoFErXISkuSmTCgb2elZnLKjWUTeL2huu9IIj2Al0vNGwfvbklaYPHf99Eu6NMyAWIrgKZTlSxU1eDD3s-eURdMtEMfJSDu7YnWUj9b162cw9CaRQ4SDHfZpcotSRHUfi9MES7pV_5WsHe64A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SWpxVTF1Mk8xUjQ4YUs1&google_gid=CAESEKIexVyevHYocIzAoM_81MU&google_cver=1&google_push=AXcoOmSyw93eqKoFErXISkuSmTCgb2elZnLKjWUTeL2huu9IIj2Al0vNGwfvbklaYPHf99Eu6NMyAWIrgKZTlSxU1eDD3s-eURdMtEMfJSDu7YnWUj9b162cw9CaRQ4SDHfZpcotSRHUfi9MES7pV_5WsHe64A

Request Chain 96

https://aep.mxptint.net/sn.ashx?google_gid=CAESENqtldp42SJTStfqPOyD4i0&google_cver=1&google_push=AXcoOmSn0dDK0vvHngvV5d2pcaXXfqs0EdlN_iwP1-L5NGV2v9Y0FCau7mRtngP0zcHArpRx5gofbMdjVDCW2-xQsU9Vh-P3nlbTnHK9dufQo6QjaXX6u_aKpVUzn39rNBvME2-SG36nU76kHjfe-C0Bi5sN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSn0dDK0vvHngvV5d2pcaXXfqs0EdlN_iwP1-L5NGV2v9Y0FCau7mRtngP0zcHArpRx5gofbMdjVDCW2-xQsU9Vh-P3nlbTnHK9dufQo6QjaXX6u_aKpVUzn39rNBvME2-SG36nU76kHjfe-C0Bi5sN&google_hm=UjMzNjQ2XzEwQzRGREYzRl85MUQ3MTY3Qg%3D%3D

Request Chain 97

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE5Ev3_KF3Qt8eoahpHPXoo&google_cver=1&google_push=AXcoOmQPdYV25VOfOCLdqWdWzE9ZJCaN7U-toA0QzJsJxU7USZovjro15yzfeL1it-tLaPZpdsUlF5DDu_U__BrgqIksSNQLUxnZsIWKhm0QjVAhCzFzrvZGjpbbR6ELSqgIuT7dXd_tmrbzX8YSsRfAmamZFg HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEE5Ev3_KF3Qt8eoahpHPXoo&google_cver=1&google_push=AXcoOmQPdYV25VOfOCLdqWdWzE9ZJCaN7U-toA0QzJsJxU7USZovjro15yzfeL1it-tLaPZpdsUlF5DDu_U__BrgqIksSNQLUxnZsIWKhm0QjVAhCzFzrvZGjpbbR6ELSqgIuT7dXd_tmrbzX8YSsRfAmamZFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGQxMzEwYzYtZTg1OC00MzIyLWIxMzEtMzVkOTZmNzA1YjI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4d1310c6-e858-4322-b131-35d96f705b29

Request Chain 98

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEELjpF2k9759jcXozZuygJg&google_cver=1&google_push=AXcoOmThJnw8eWSqA7sfR2t83vd1bOd_DU3-OEDsrDfVpit3o-QqNtxcHbDBrRszmRiBDYf4uNfB9SEvK6YlZ3LKxPjk3OE0rkQL-608cP3cvlTGoLl6j7eoAOXQEnQx-AcLwKOkQYMFEeGegv6OabiDmm8PGA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTYyN2JhNTAtYWFkZi00ZDQzLWJjOTktMzU5Njc5MThlYWNk&google_gid=CAESEELjpF2k9759jcXozZuygJg&google_cver=1&google_push=AXcoOmThJnw8eWSqA7sfR2t83vd1bOd_DU3-OEDsrDfVpit3o-QqNtxcHbDBrRszmRiBDYf4uNfB9SEvK6YlZ3LKxPjk3OE0rkQL-608cP3cvlTGoLl6j7eoAOXQEnQx-AcLwKOkQYMFEeGegv6OabiDmm8PGA

Request Chain 99

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENnqEb6aXO0xMo7a9oOSsXE&google_cver=1&google_push=AXcoOmSXm9fczv2m6eOFturMt_avm734J_F2eXTLU5IyJmVlKxXUoWpBVaxaceyMdWWXl88nveEWgUW7xHDeCGezza3UW3SHLkMOZ7DGku540MuUEJ8-F_4KOe93MzoEES438meyYzzJbsp-EkRl9wTeMqG04Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXm9fczv2m6eOFturMt_avm734J_F2eXTLU5IyJmVlKxXUoWpBVaxaceyMdWWXl88nveEWgUW7xHDeCGezza3UW3SHLkMOZ7DGku540MuUEJ8-F_4KOe93MzoEES438meyYzzJbsp-EkRl9wTeMqG04Q&google_hm=eS1oNnRzNnExRTJwSGhkUlAxRTBIeGFqZ3RqV0Z5ZDJlcH5B

Request Chain 100

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELkWP3GH9EeCV797pEZgEBQ&google_cver=1&google_push=AXcoOmQPqxIfiF6j--IK61hia90IqdL9qR22FuRW1a4EiCHMG_w9qr4RgIwQscEIAL3nMXkUeJmnrxHSQ5CuzOuBcoQnoYbKsFEXag-HstFQ7G8PA6ggSP_rqC7OS8tNc286EWowAbebMbdgNyD9FmQZsCOd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQPqxIfiF6j--IK61hia90IqdL9qR22FuRW1a4EiCHMG_w9qr4RgIwQscEIAL3nMXkUeJmnrxHSQ5CuzOuBcoQnoYbKsFEXag-HstFQ7G8PA6ggSP_rqC7OS8tNc286EWowAbebMbdgNyD9FmQZsCOd

Request Chain 102

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQzMjY0OTcwNjU3MzE3MDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEADZnKkB-cU3JxJvz1Xtl3g&google_cver=1

114 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
daophatmuonmau.com/ 82 KB
18 KB 2422ms
2335ms Document
text/html 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.0RC6
Resource Hash: 05473cd9047dbfcdfdfd8b0aaa07b505e4476a91a9b1034d948341e8c7b7ad97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 827bb7b04aac4bc1-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 23:22:47 GMT
link: <https://daophatmuonmau.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57ae7q%2ByIjiJSiaZvAnmbq15V24%2BjDLflDCkWU79YjXXU5uyotwRvYWPxEJktMDJEQzPioaWm%2FwnI9EmP01R4I3cbsmd0qke8tzcQINOgLDFm4fjrqXJWdQ4ows%2FlVM6uWZN4%2FUZs2SiO3gTBmW6%2FGA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.3.0RC6

GET
H2 200 style.min.css
daophatmuonmau.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 417ms
413ms Stylesheet
text/css 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:07:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"19824-608fea468151e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLSF0MH1CXJtm8XdZ%2FnRWl4mjmIRQsYuo9QeUYtWHU67FH9XxVuMIvxF%2FzBx0gTapmmNGMYtyKiR5JmqNALpqKvNA7zCVW1Lo3bPEOATLbdpw0qAnyP39DtEYN8YxW5pVIJkuT2IwzgDWZxXrn8PUkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 827bb7beeb994bc1-BUF
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 6a609932-5f15-4986-96f6-8cb21e7c2f80
https://daophatmuonmau.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://daophatmuonmau.com/6a609932-5f15-4986-96f6-8cb21e7c2f80
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 selectize.bootstrap3.min.css
daophatmuonmau.com/wp-content/plugins/wp-books-gallery/assets/css/ 9 KB
2 KB 412ms
412ms Stylesheet
text/css 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/plugins/wp-books-gallery/assets/css/selectize.bootstrap3.min.css?ver=4.5.8
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5d2a5d4674da1b1b6e2c05c39f51e72f5905b95d1fd4c89c8e07dc65ec4d5cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:21:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"222f-608fed65b40c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWiaJc%2BBkP4%2FSb0nAQLZeuNDDYZd%2BnCkN5jhsAI4DSdcJxaJ%2FJ7RH3c3dSy0JPH3FebZSttHGO6H9xHSgcjmY823Ckr%2B6wSm0fp1fxfZugT3nO2Pw0EjC9gzIgyIhxjlNgwvQTcWPvPgqXAhIoHYgmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 827bb7c018614bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 all.min.css
daophatmuonmau.com/wp-content/plugins/wp-books-gallery/assets/css/fontawesome/css/ 98 KB
21 KB 443ms
441ms Stylesheet
text/css 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/plugins/wp-books-gallery/assets/css/fontawesome/css/all.min.css?ver=4.5.8
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c7b8d85cf716a020ea19fac22314de48452bc98568517fabdb0ca99ce66930

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:21:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"189b3-608fed89a9b59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83fd4kADvTpX9zrM5DUM8e9OMUMMbl8FZb0lMfEMbzhciNFs8Z0peLidwTo7H%2F6HlLgLPrv2dku6fa3ERett7%2Fsm4Mjk2FTQ5DkYZUdXtJgSJNIuMHA6qD3gT3oDs%2Bv8K9RMy6K1%2Fe%2BkiRukIm%2FLvNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 827bb7c018624bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 wbg-front.css
daophatmuonmau.com/wp-content/plugins/wp-books-gallery/assets/css/ 17 KB
4 KB 414ms
412ms Stylesheet
text/css 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/plugins/wp-books-gallery/assets/css/wbg-front.css?ver=4.5.8
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9fb308260690dfe2e4a5cb100dbe82e4b738d5c8433640bdb9e96a7c7130724

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:21:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"433f-608fed66b88c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCVFwniwL1qnYjaxHgyR3M9ydTmcTM6rAWYKaECHKTt2L3gC8IKSQ9ynkdGjyxooJ41G54P7wcOAHkoOjhvwrJ%2FDN4vGQsO8ng9DtKQz58tHc1qPweyEYH37sry6nT2ooeTB2E49K3ZXgSFdZDisDAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 827bb7c018634bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 screen.min.css
daophatmuonmau.com/wp-content/plugins/table-of-contents-plus/ 1 KB
892 B 412ms
411ms Stylesheet
text/css 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2309
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 15 Nov 2023 03:33:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"484-60a2892e1844d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYmQbsFBL2ObCFjE%2F2mgEZfZYw16pIKc7jPHPZogBpE%2F%2BYQ4i25w9VAcC7Zu01A0liqaqggVo7rGuTzvGtuAkqcE49KgH1mHc1zh7s8fRPDwtdOq8I6HmO%2Fag2oETqqoTd3RRCm%2FHCq%2FeKq5gBZbIzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 827bb7c018644bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.min.css
daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/bootstrap/ 118 KB
20 KB 447ms
445ms Stylesheet
text/css 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/bootstrap/bootstrap.min.css?ver=6.3.2
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 09:45:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1d970-609000443e25d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FuHmH2to6vsC5eEEinUOOBrBlcKW0%2FdySTs9fEyd7jL6%2FnObVyREemWqFip0o9RdH1%2FyVoT2uXS0M3L06eC3MHHlad60ldQzVmm2jw9VH6cHy6kLHO8%2Fb7t81XC3d834BfHpmm5Pbdqp%2BhEcGCj9MA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 827bb7c018654bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 meanmenu.css
daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/meanmenu/ 3 KB
1 KB 478ms
476ms Stylesheet
text/css 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/meanmenu/meanmenu.css?ver=6.3.2
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b35ae155e3b15db3efb65015c229145682a08b720efe90717eba02da7aaec7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 09:45:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d0b-609000443ee15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJOd1e%2BUfSFXSFKQfMutvF0MPwLQDuiQWl4E0cJj5NQ15w3aez7xEuc%2FFDAJvbo3RQgHPRaSl93fa9UokEgb9vSEBVClpnxwlyLnZmigvqk1eiOvqLPC2XxgDGpKOZ%2FAxieTF86147LexVHe%2FDYRYUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 827bb7c018674bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 font-awesome.min.css
daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/font-awesome/css/ 30 KB
7 KB 414ms
413ms Stylesheet
text/css 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/font-awesome/css/font-awesome.min.css?ver=6.3.2
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 09:45:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7918-609000443e645"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWJm%2B%2FXW5qa%2FVsGJinAUipcyxJ9tn%2Fxn2vY8ZEaRSL8uX3XndVxzBwvtDqM2NUeGa7cJAgfrZHNPKaGJv%2FgzY6BLBgJtmcprm2YOj4nPqqRzN28Kyd%2FT1ywWgIeZzQoTkNZzpdrK0ly9SpzUSGEef1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 827bb7c018684bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 117ms
48ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700%7CMontserrat%3A400%2C700&subset=latin%2Clatin-ext

Requested by

Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc4f474c7599651e4097f36c69c293d2685e2abecce007b1cd2a8405a2107c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 23:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 23:22:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 23:22:47 GMT

GET
H3 200 style.css
daophatmuonmau.com/wp-content/themes/blog-way/ 56 KB
12 KB 478ms
477ms Stylesheet
text/css 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/themes/blog-way/style.css?ver=6.3.2
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1f2900290198d610ab60bb5fcd319558ed313b3286cabaf4f5e59774186d7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 09:45:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e043-609000443f9cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft7XqtrotkUzC8Is5SwM8kUo9KbKW16ST2H4UWkd0vfvYVCplDc5oGV04NfKqnQczVr7iQ3p0op2GMS%2FHhkXQCetjV9OKsblIrbcgf%2Bv51YzqMSbLX26B7epoqEdidhjayQFF%2BO9n08Wnf7EXE0Wa60%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 827bb7c018694bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
daophatmuonmau.com/wp-includes/js/jquery/ 85 KB
31 KB 478ms
477ms Script
application/javascript 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:06:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"155ba-608fea2684458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2vpwBIi%2B28ip2rD1c1X8yECjiybEXt%2BFh59uhsKn1UDIBpNqxQ55RjZ4XtUcghuyvng2%2Fk4Wc1ChqePdhKDRRvtPj9olrlqvVVSoB7ylFA8lzlhlIqPsZBzKWlgAsc8TYNwbtyQDJkGQkojNHIpcTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 827bb7c0186a4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
daophatmuonmau.com/wp-includes/js/jquery/ 13 KB
5 KB 497ms
497ms Script
application/javascript 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-608fea2754099"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fz8dBnwB1NEgDkdKSJ2EAj5pB7ugLnVit6PpBS6OMDAF6e78JbXJ7m39Zec1zGi1N2bnkk2YfAmee1KooJdEKeddMV1VDqiYaBdX86%2BZpzh3TXG8cZ5qdX5FIRBevkKEeu%2B0Tg%2BvJQi%2FFABJrzpJ8D4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 827bb7c0286c4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
78 KB 269ms
52ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-5D9QKRF

Requested by

Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de8132b592bd5789cea54eab181581b57e7e99fb1aa630dc0fc4906cfc9cf89b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 23:22:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
52 KB 283ms
69ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1656614863517753

Requested by

Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b07239d9d335007f512bd5bc3fa08e0879aa2bd97d1150d907d5a8d3ddc11c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daophatmuonmau.com/
Origin: https://daophatmuonmau.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53131
x-xss-protection: 0
server: cafe
etag: 5934169773122802278
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 23:22:48 GMT

GET
H3 200 Dia-Tang-Vuong-Bo-Tat-2-345x225.jpg
daophatmuonmau.com/wp-content/uploads/2021/05/ 19 KB
19 KB 424ms
424ms Image
image/jpeg 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daophatmuonmau.com/wp-content/uploads/2021/05/Dia-Tang-Vuong-Bo-Tat-2-345x225.jpg
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d668b3055924ccf56da1ec44d21c0c8e9e10ef491d568b79f996582281f070

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
cf-cache-status: MISS
last-modified: Tue, 31 Oct 2023 08:50:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4b9d-608ff3f99d7ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=797DnK%2F2EYl18FU%2B8BGopm0HxPwz47%2B1XyjNaS5m7lppavtiqi2I5ioAIWv3wPkTOM6vZxixZsyjXcCfXhzkznweZolAv2tz%2FHuOymzdG4GvEifLnTSY6BWj5nobV4DOuDCH%2FzqK7vWq47emp%2F5PP4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7c298864bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 19357

GET
H3 200 A-Mi-Da-Phat-loi-chuc-phuc-rat-vien-man-rat-hoan-my-HT-Tinh-Khong-345x225.jpg
daophatmuonmau.com/wp-content/uploads/2021/01/ 13 KB
13 KB 228ms
227ms Image
image/jpeg 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daophatmuonmau.com/wp-content/uploads/2021/01/A-Mi-Da-Phat-loi-chuc-phuc-rat-vien-man-rat-hoan-my-HT-Tinh-Khong-345x225.jpg
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ac52ac629318cf1fcd7bd6b5b282265b75f7ef499f47047101298af2aa88c78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:54:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3248-608ff4e5eeedc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RD%2BS1dD3P%2F3r9GPCVGtquQMm%2FngPFBcUXH9KBOjB9Cl%2B%2FcrGUhH6zOIiP9GqbuUt1UY%2BEe4vnDwcLifWMvzMxY4SDaRNBe2ZvwpxTKC1dJVlWML%2BN%2B58Vdv%2Bh%2FnQ7OEmZ92gyM%2BxjXua3S0fZvUywEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7c2a88a4bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 12872

GET
H3 200 nhung-phien-nao-tro-ngai-tren-buoc-duong-tu-tap-345x225.jpg
daophatmuonmau.com/wp-content/uploads/2020/10/ 15 KB
16 KB 227ms
227ms Image
image/jpeg 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daophatmuonmau.com/wp-content/uploads/2020/10/nhung-phien-nao-tro-ngai-tren-buoc-duong-tu-tap-345x225.jpg
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18fb71adaefb44273bc8ebddb711dd6976d50d87e0badc122d72abf1d1f9091d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:37:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3c41-608ff0f4e2e08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36A5IT1c4B5Ao7zPDDNVKIUV42u44UHhHiAX9cmDaoE9CQzkdS04gPi4DaDYCX%2F93u%2Fkh0y0gBVzL02E45O5gjBXmZpzR2Eml0%2FRN8amprN9%2B7nrLGyuNZMBVedcin%2BSZFUa975EgSkYqmz50L1GGo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7c2a88b4bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 15425

GET
H3 200 tay-phuong-tiep-dan-1.jpg
daophatmuonmau.com/wp-content/uploads/2020/09/ 280 KB
280 KB 262ms
262ms Image
image/jpeg 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daophatmuonmau.com/wp-content/uploads/2020/09/tay-phuong-tiep-dan-1.jpg
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0344292712f6b8fc62c0e2691c9615d0b4d19a0e50edaaf06dedf1342094bd37

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "45f25-608ff1ad5f5eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26QOeQLP49HmqWMwGkhW1uQxlO5UAyLNK8uCllQnO%2BLqRApbnFguuQtK%2Fxo5YfJeSX0rXAjpHOpQtUtDcWNjCZQHwipKhmXJt3QOFwC8JI9DbSsRd1KrqjcSJ2exKj2a7aCo%2FcGo6R0JLoc8GYboV%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7c368994bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 286501

GET
H2 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/ 22 KB
22 KB 238ms
35ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700%7CMontserrat%3A400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://daophatmuonmau.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 02:47:05 GMT
x-content-type-options: nosniff
age: 160543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22476
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:19:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 02:47:05 GMT

GET
H3 200 fontawesome-webfont.woff2
daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/font-awesome/fonts/ 75 KB
76 KB 229ms
228ms Font
font/woff2 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/font-awesome/css/font-awesome.min.css?ver=6.3.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/font-awesome/css/font-awesome.min.css?ver=6.3.2
Origin: https://daophatmuonmau.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 09:45:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12d68-609000443ea2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihSGXGl4d1ptxQKvYXy5ahYgwjWgU3FlfcCHDmwqLujlOfm84ZFD3z5egAIYADavmt%2BqxKZhh5LV27CmVdxtx%2BzF5dJ%2FnwCwYL1d42EVIg8omaCPMNf0L%2BvlAPxwkUzgdtrxke73AYMg6QPXWhRuRXs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7c3789a4bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 396 KB
134 KB 138ms
71ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1656614863517753

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88367d9fb95a35706823afc902001e8197d3aa194acaef2d98ccd1a3abc2148f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137155
x-xss-protection: 0
server: cafe
etag: 957007312435412915
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 23:22:48 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame B3CC 9 KB
4 KB 103ms
34ms Document
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1656614863517753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daophatmuonmau.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 02:57:07 GMT
etag: 16674218716276178799
expires: Fri, 01 Dec 2023 02:57:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
256 B 111ms
41ms Ping
text/plain 2607:f8b0:4004:c09::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-EPHRFXM94B&gtm=45Pe3b81v9111575737&_p=1700263368209&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=973047983.1700263369&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&sid=1700263368&sct=1&seg=0&dl=https%3A%2F%2Fdaophatmuonmau.com%2F&dt=%C4%90%E1%BA%A1o%20Ph%E1%BA%ADt%20mu%C3%B4n%20m%C3%A0u%20-%20%22Tin%20l%C3%A0%20c%C4%83n%20b%E1%BA%A3n%20c%E1%BB%A7a%20s%E1%BB%B1%20th%C3%A0nh%20c%C3%B4ng%2C%20v%C3%A0%20l%C3%A0%20ngu%E1%BB%93n%20g%E1%BB%91c%20c%E1%BB%A7a%20mu%C3%B4n%20h%E1%BA%A1nh%20l%C3%A0nh%22&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3575
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-5D9QKRF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://daophatmuonmau.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cau-sanh-tinh-do-moi-vuot-thoat-luan-hoi-345x225.jpg
daophatmuonmau.com/wp-content/uploads/2020/11/ 27 KB
28 KB 227ms
226ms Image
image/jpeg 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daophatmuonmau.com/wp-content/uploads/2020/11/cau-sanh-tinh-do-moi-vuot-thoat-luan-hoi-345x225.jpg
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 177735f0a3a2faf76a534c7b2b95e086902c69ce495f7e2f15397113e252e04e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:31:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6d76-608fefbd02fa8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojcmdeZBEbnTCfrRUz47ask9AatkIPozHDNM2Phxaks2iE%2Bbj3NiamxidvCwNjr3OpA%2Fbc%2F%2BXQhFH4tb2GMjnOvktDpsuHF4Lpyd2KbGJ3ZkC5NRTYt3T15Vl%2FXQoGykjP394fFeEKTD12fUer0HRTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7c668bb4bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 28022

GET
H3 200 Tay-Phuong-Tam-Thanh-345x225.jpg
daophatmuonmau.com/wp-content/uploads/2021/06/ 22 KB
23 KB 225ms
224ms Image
image/jpeg 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daophatmuonmau.com/wp-content/uploads/2021/06/Tay-Phuong-Tam-Thanh-345x225.jpg
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b7c259ec1b5ca9857506463658bf31e0aea0634ea4130827414cda31a9e1c87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:48 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:55:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "597d-608ff513b3d7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNMtKTx6uBnxfLswwtgGIwk2v8XlE3cVU40UbMv8gtSN3vpeNPT7LAGRb3CMd4A3FxZcGlNzbUgC%2FE49nD6lGsB8qsuO5qpPWFCmjVVXzOxvNtXeLuhj1ZDo70LX6bLvh6iexRj3Os5lLYcl1dyxhFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7c698c14bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 22909

GET
H3 200 Nguoi-Niem-Phat-co-anh-sang-Vo-Luong-Quang-345x225.jpg
daophatmuonmau.com/wp-content/uploads/2021/08/ 13 KB
13 KB 413ms
412ms Image
image/jpeg 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daophatmuonmau.com/wp-content/uploads/2021/08/Nguoi-Niem-Phat-co-anh-sang-Vo-Luong-Quang-345x225.jpg
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 256d031019630fa3064bb265206e4570dcc20f3da73a403dc67a0272773a628d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:49 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:53:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3300-608ff4a5cd48a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3m0Emvqsz%2FisPGSmdbEbCSjqAXXY2Lnub9uzzeIuObJdk3fJen0gx7B6j8lhQl1s1n9NbELvYTi7R3AkawiJv14LvdOhh1HgFoewO5GyQtovG5c6L6Hw%2Fxad%2BeN580dexkxmH3Ktg9q942e5uGTVTTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7c698c24bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 13056

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B546 169 KB
48 KB 464ms
463ms Document
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&adk=1812271804&adf=3025194257&lmt=1700263368&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263368562&bpp=14&bdt=1068&idt=224&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5801919852783&frm=20&pv=2&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=246

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25cf43e09032ef3a5d2c9366e78057eb2040c2973085c1210b5febe97be414c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daophatmuonmau.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 49287
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 23:22:49 GMT
expires: Fri, 17 Nov 2023 23:22:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
59ms Image
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=masthead&cls=site-header%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1914 142 KB
44 KB 413ms
411ms Document
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.854259100~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700263368&rafmt=1&to=qs&pwprc=2371705645&format=1200x280&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263368576&bpp=2&bdt=1083&idt=241&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cecdffaa7582aeae49b5564216aa4f7640283eacb1f4eb7553c735c2efe12b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daophatmuonmau.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45186
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 23:22:49 GMT
expires: Fri, 17 Nov 2023 23:22:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1914 14 KB
1 KB 44ms
43ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.854259100~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700263368&rafmt=1&to=qs&pwprc=2371705645&format=1200x280&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263368576&bpp=2&bdt=1083&idt=241&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 23:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 22:31:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 23:22:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1914 2 KB
903 B 143ms
64ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:54:35 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2864751215466284059/ Frame 1914 30 KB
31 KB 140ms
65ms Image
image/jpeg 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2864751215466284059/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5eb47ba7eb80ba4d2d717aeaf7d1544c9a6b8491c9af49dd56f06bf73f8bf67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 08:09:48 GMT
x-content-type-options: nosniff
age: 141181
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31031
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:31:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 08:09:48 GMT

GET
DATA 200
OK truncated
/ Frame 1914 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1914 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 1914 23 KB
9 KB 100ms
38ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:49:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1914 3 KB
1 KB 106ms
44ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:54:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1914 20 KB
9 KB 95ms
33ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 03:14:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1914 202 KB
64 KB 112ms
41ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 23:22:49 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 1914 37 KB
16 KB 105ms
34ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 00:08:26 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 160 KB
55 KB 69ms
69ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/reactive_library_fy2021.js?bust=31079654

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f9021674105cb1f41ef82b2f283bdbc4017d8b0e915f2bc0c0e7d723caec7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55778
x-xss-protection: 0
server: cafe
etag: 17103664038808578036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 23:22:49 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D12F 732 B
391 B 363ms
362ms Document
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=280&adk=689553242&adf=532061071&pi=t.aa~a.1827426750~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x280&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=1&bdt=1843&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2209dff43eaab12c724d6869ca8e1e881b0b132513ef7eb79f2abece0e779f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daophatmuonmau.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 23:22:49 GMT
expires: Fri, 17 Nov 2023 23:22:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B03C 732 B
390 B 368ms
367ms Document
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=280&adk=689553242&adf=2967877387&pi=t.aa~a.2937676140~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x280&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=1&bdt=1842&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C750x280&nras=4&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1aedf761fcb81b9fcbc3c8bd952a4be9b7eeca76c59fa2cdc56b2d766e8c97a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daophatmuonmau.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 23:22:49 GMT
expires: Fri, 17 Nov 2023 23:22:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F4C5 732 B
389 B 358ms
356ms Document
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=250&adk=2763956873&adf=2145266986&pi=t.aa~a.2704198891~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x250&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=2&bdt=1842&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C750x280%2C750x280&nras=5&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c2c6cb06123234949291861bcb257aa7ee3b866cb27e5adf78d9a8b1f756c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daophatmuonmau.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 23:22:49 GMT
expires: Fri, 17 Nov 2023 23:22:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F4DE 62 KB
23 KB 362ms
362ms Document
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=90&adk=3943097682&adf=1959283240&pi=t.aa~a.3008615530~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x90&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=1&bdt=1842&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C750x280%2C750x280%2C750x250&nras=6&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

328476b6cb45e554de91b222635df1808926441a776d9b7b673b86216e83a6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daophatmuonmau.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 23:22:49 GMT
expires: Fri, 17 Nov 2023 23:22:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1914 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445846125e86c2d4658523ab342752d28860049e4eaaa4650cc13285d200ec7b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 59FD 9 KB
4 KB 34ms
33ms Document
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daophatmuonmau.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 02:57:01 GMT
etag: 16674218716276178799
expires: Fri, 01 Dec 2023 02:57:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 59FD 4 KB
655 B 47ms
47ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 23:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 22:34:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 23:22:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 59FD 2 KB
856 B 35ms
34ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:54:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 59FD 23 KB
9 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:49:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 59FD 3 KB
1 KB 41ms
41ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:54:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 59FD 20 KB
8 KB 37ms
37ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 03:14:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 59FD 202 KB
64 KB 43ms
42ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 23:22:49 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 59FD 37 KB
15 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 00:08:26 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/11788092895826974608/ Frame 59FD 44 KB
44 KB 39ms
39ms Image
image/jpeg 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11788092895826974608/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c819daf951c9d1eb9875b150ee803a44f8814c664e803986ff5e1232ff6258b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:21:02 GMT
x-content-type-options: nosniff
age: 107
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44988
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:31:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 23:21:02 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15536947291532457788/ Frame 59FD 4 KB
4 KB 60ms
60ms Image
image/png 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15536947291532457788/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de1de71a09d8cddfd630da61363509e7b9d3414e8513cb3d03f21fc791190756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3613
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 20:00:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 23:22:49 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1914 33 KB
33 KB 36ms
35ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 03:07:22 GMT
x-content-type-options: nosniff
age: 159327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 03:07:22 GMT

GET
DATA 200
OK truncated
/ Frame 59FD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 740c6e1253458c12dd642c12ff2de108d2296c44ed2d4a22a5e6d8677a7cedd8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1914
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CLQc9yPVXZaDUNfrzkPIP8qevwArXsZGVdPDxgKy0Ep3dxOz4ChABIOfyj09gye6Oi8CkjBCgAd678YwpyAEJqQJefDmLwkCyPqgDAcgDywSqBP4BT9B-SHqwtHff76iSycTk2zWPXtkB8ej...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x754ce41777d287810000000000000000%22,%222%22:%220xdc976823d0d110520000000000000000%22,%223%22:%220x435e44...

0
0

130ms
59ms

Fetch
text/css

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x754ce41777d287810000000000000000%22,%222%22:%220xdc976823d0d110520000000000000000%22,%223%22:%220x435e4432aeb459ed0000000000000000%22,%224%22:%220x8b03cab370512b670000000000000000%22,%225%22:%220x4402ece70e80c95b0000000000000000%22},%22debug_key%22:%2211112569740032756195%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211032878558%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212607546584841051489%22}&andc=true

Requested by

Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x754ce41777d287810000000000000000","2":"0xdc976823d0d110520000000000000000","3":"0x435e4432aeb459ed0000000000000000","4":"0x8b03cab370512b670000000000000000","5":"0x4402ece70e80c95b0000000000000000"},"debug_key":"11112569740032756195","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11032878558"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"12607546584841051489"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 23:22:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 23:22:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x754ce41777d287810000000000000000","2":"0xdc976823d0d110520000000000000000","3":"0x435e4432aeb459ed0000000000000000","4":"0x8b03cab370512b670000000000000000","5":"0x4402ece70e80c95b0000000000000000"},"debug_key":"11112569740032756195","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11032878558"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"12607546584841051489"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 40AB 39 KB
15 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:02:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 09:02:07 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 59FD 15 KB
16 KB 35ms
35ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 03:01:54 GMT
x-content-type-options: nosniff
age: 159655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 03:01:54 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 59FD 15 KB
15 KB 41ms
40ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 03:10:10 GMT
x-content-type-options: nosniff
age: 159159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 03:10:10 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 59FD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CTneEyPVXZbqxNff0kPIP9sOiiA7XsZGVdPDxgKy0EpiS-IezAhABIOfyj09gye6Oi8CkjBCgAd678YwpyAEJqQLX3YNie0yyPqgDAcgDy4SAgASqBP4BT9BzxmWvblfPL-IdUfhP6gxDd1-...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x754ce41777d287810000000000000000%22,%222%22:%220xdc976823d0d110520000000000000000%22,%223%22:%220x435e44...

0
0

127ms
58ms

Fetch
text/css

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x754ce41777d287810000000000000000%22,%222%22:%220xdc976823d0d110520000000000000000%22,%223%22:%220x435e4432aeb459ed0000000000000000%22,%224%22:%220x8b03cab370512b670000000000000000%22,%225%22:%220x4402ece70e80c95b0000000000000000%22},%22debug_key%22:%2211603646508350016701%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211032878558%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22321554163718191601%22}&andc=true

Requested by

Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x754ce41777d287810000000000000000","2":"0xdc976823d0d110520000000000000000","3":"0x435e4432aeb459ed0000000000000000","4":"0x8b03cab370512b670000000000000000","5":"0x4402ece70e80c95b0000000000000000"},"debug_key":"11603646508350016701","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11032878558"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"321554163718191601"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 23:22:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 23:22:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x754ce41777d287810000000000000000","2":"0xdc976823d0d110520000000000000000","3":"0x435e4432aeb459ed0000000000000000","4":"0x8b03cab370512b670000000000000000","5":"0x4402ece70e80c95b0000000000000000"},"debug_key":"11603646508350016701","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11032878558"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"321554163718191601"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 484A 39 KB
15 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:02:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 09:02:07 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 78ms
59ms Preflight
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x754ce41777d287810000000000000000%22,%222%22:%220xdc976823d0d110520000000000000000%22,%223%22:%220x435e4432aeb459ed0000000000000000%22,%224%22:%220x8b03cab370512b670000000000000000%22,%225%22:%220x4402ece70e80c95b0000000000000000%22},%22debug_key%22:%2211603646508350016701%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211032878558%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22321554163718191601%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 23:22:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 126ms
57ms Preflight
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 23:22:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 16ED 100 KB
38 KB 146ms
63ms Script
text/javascript 23.60.4.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=90&adk=3943097682&adf=1959283240&pi=t.aa~a.3008615530~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x90&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=1&bdt=1842&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C750x280%2C750x280%2C750x250&nras=6&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.60.4.23 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-60-4-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2014598b9f989b3849e058a174c09a65ab64ed7f0728849f199f23d01b5a2e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-mnt-h: 22-5h9m
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 17 Nov 2023 23:22:49 GMT
server: Apache
etag: "e7a93e67c4f230bf05ea1eb6d5650e1c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-5h9m
timing-allow-origin: *
content-length: 38703
expires: Fri, 17 Nov 2023 23:27:49 GMT

GET
H2 200 release-20230927-130-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 16ED 72 KB
25 KB 124ms
38ms Script
application/javascript 23.205.76.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20230927-130-adperformance.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.76.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-76-21.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

1dbd18c0aa6071222d773de0ac1cde277406e857cf0b9c88cbf2035480857bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Fri, 17 Nov 2023 23:22:49 GMT
x-guploader-uploadid: ADPycdswZ9QV5U1NRIWxgiqSVnXUAVzgCNWOknzajbo8VVwGJ92dwVecsqlGcROhDDqt0zX7DMsg94q71MCCuHsbTgX_IZaQheFO
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25148
server: UploadServer
etag: "1eb27acd7f471c38284a9857c37daa7f"
vary: Accept-Encoding
x-goog-hash: md5=HrJ6zX9HHDgoSphXw32qfw==, crc32c=3FtsVQ==
content-type: application/javascript
x-goog-generation: 1697195146284262
cache-control: max-age=3600
x-goog-stored-content-length: 73447
expires: Sat, 18 Nov 2023 00:22:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 16ED 3 KB
1 KB 35ms
35ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:54:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 16ED 20 KB
8 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 03:14:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 16ED 0
0 125ms
46ms Image
text/html 2607:f8b0:4004:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRI3wEJ9vXVFLvUYsLnv91xDwVC1S6-M0j-y6u8PZK03e-Yxpe7DzgB8Ht91jf-Jd1WoazaJ8I5tk7kLXN_IpwnHWkCzA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=90&adk=3943097682&adf=1959283240&pi=t.aa~a.3008615530~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x90&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=1&bdt=1842&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C750x280%2C750x280%2C750x250&nras=6&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16ED 202 KB
64 KB 50ms
50ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 23:22:49 GMT

GET
H3 200 HT-Tinh-Khong-Tru-tri-chap-su-thay-tri-su-thay-duy-na-thu-toa-hoa-thuong-deu-la-ho-phap-345x225.jpg
daophatmuonmau.com/wp-content/uploads/2021/11/ 16 KB
16 KB 227ms
226ms Image
image/jpeg 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daophatmuonmau.com/wp-content/uploads/2021/11/HT-Tinh-Khong-Tru-tri-chap-su-thay-tri-su-thay-duy-na-thu-toa-hoa-thuong-deu-la-ho-phap-345x225.jpg
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e15e0d22eede797065b49153cd574c75f772e4eb1ece8ccec7889300fc44d621

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:51:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3e16-608ff43294296"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbOyMkBzGplYNP4Yn9EbamPJN34lZdUjSS0QJ6P0KHNrPxGgZePFDzDVcCgxiH6ZA%2B0SKxEgRVkj7Ke2yqnjtr%2BPQeojjq%2B9uh3zLCM6fgMzStTKdGrRNDl7XdUb4AC4yRC513ixEoOeQnJ8jev6UUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7cd892a4bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 15894

GET
H3 200 Pha%CC%A3%CC%82t-A-Di-Da%CC%80-cu%CC%9B%CC%81-he%CC%82%CC%81t-la%CC%82%CC%80n-na%CC%80y-de%CC%82%CC%81n-la%CC%82%CC%80n-kha%CC%81c-bao-dung-cho-chu%CC%81ng-ta-345x225.jpg
daophatmuonmau.com/wp-content/uploads/2022/04/ 19 KB
20 KB 415ms
414ms Image
image/jpeg 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daophatmuonmau.com/wp-content/uploads/2022/04/Pha%CC%A3%CC%82t-A-Di-Da%CC%80-cu%CC%9B%CC%81-he%CC%82%CC%81t-la%CC%82%CC%80n-na%CC%80y-de%CC%82%CC%81n-la%CC%82%CC%80n-kha%CC%81c-bao-dung-cho-chu%CC%81ng-ta-345x225.jpg
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6594b59b6aa8c9e1a978b29eb716006ebee8b3d310764a6877c23379e82339a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:57:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4d39-608ff59c1dd30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xnoYdmCLEhVpnbt8IJihIP%2FdbEAUkgFAHwnUIGpQPRznUpSJZLMl3sFB7uy8DUS1JIp682TbgCZ9l%2FU7rrv3YBZVCszun7whF6Bve74DWhZPKrnqCOrA3sthQ5gIVdeD4CbR2t9ljlw6fvfbznBP9U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7cd892b4bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 19769

GET
H3 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ 25 KB
25 KB 36ms
35ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700%7CMontserrat%3A400%2C700&subset=latin%2Clatin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://daophatmuonmau.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 02:47:10 GMT
x-content-type-options: nosniff
age: 160539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 02:47:10 GMT

GET
H3 200 773d802c5acade30b11d80ec5fbe30e71683512953.jpg
daophatmuonmau.com/wp-content/uploads/2023/10/ 35 KB
36 KB 224ms
224ms Image
image/jpeg 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daophatmuonmau.com/wp-content/uploads/2023/10/773d802c5acade30b11d80ec5fbe30e71683512953.jpg
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5730b97f142dd3adc531654cf41e7a7bc2f896ab77eb55deb53ac79eb3d7f5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 09:52:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8df1-609001caee0e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDKhcauWoM1KqIQlDCx5n2TFmZJ49Mz9%2B6J5%2B8fPBvLvv7rwbZHQdEq%2FdWtHk%2B1o30oMP3zyHdrxEIiOfv3tzINvXDhcqto675WWJeOr1JRGtD%2BMverOqEty7SSw7Qz5ctWEEPGO8re2A1UWg8JxoeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7ce793c4bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 36337

GET
H3 200 truyen-tranh-thap-dai-de-tu-phat-thich-ca.jpg
daophatmuonmau.com/wp-content/uploads/2022/03/ 229 KB
229 KB 412ms
411ms Image
image/jpeg 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daophatmuonmau.com/wp-content/uploads/2022/03/truyen-tranh-thap-dai-de-tu-phat-thich-ca.jpg
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6c8b3d29c5c3a97611a1e1114e6e5b0ee9fd3147fc7f8e465875a0bf6c99cab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:57:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3928d-608ff587733e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slYEQG2Ej0TxbnMG8r4DTERrHaeiJ7e%2BkZ2TXsgvpH1Hyl22UUGO40AwqPYTQnL7LRdno8TqvYqczcv8O2yBF6NzOvAt92FJAP96KkksskR3bvn%2FtFkptt8THvwFSQyCN4%2BZ7Wv63VHl1Xzo2vLpm20%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 827bb7ce793d4bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 234125

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 16ED 131 KB
42 KB 238ms
88ms Script
text/javascript 23.40.207.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.207.176 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-207-176.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 3b0b0e7f2225b3a7fb2756b81f185380291fd490343c185f28a2385c442a030d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 23:22:50 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Max-Age: 1800
Connection: keep-alive, Transfer-Encoding
Transfer-Encoding: chunked
Expires: Fri, 17 Nov 2023 23:27:50 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame 569A 75 KB
31 KB 283ms
282ms Document
text/html 23.60.4.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3287&&kkdd=nA%7CW%7Cuhn3*9AH&93=0Zk&U9=z0rrZKqqK*kIrZ**KqE&1Td(=r&hBdO=r&WTU=zzzE&yBWF=bqZr&W9T=kfp0J00zt&WdWT=JWj18vli~etlSz~~V((eW3%3D%3D&W(9T=EqKKkkEII&B9oF=0Zkv*r&WW=pA&BW=cw&WnHh=CmQ6ucw&d9T=kDuQI5!0c&yd9T=7eEIKA*&nyydB=z&(((=yoQVnbWxVb~JuOXW(UUvHf!W9pTdY*jLlawA!SOAB~m%3D&HBF=E&x3=z&i1T=I&OTyz=kfpp*eakC&OTyZ=kq*ZkkKIq&XTOyO=BTZ%3DHixxR9i(x~x%3DzrR81F(dh%3Dr_rERT8h~X%3Dr_EqRBWT%3DHSR(OF%3Dr%2CrRT8h~x%3DZrRUxZ(~BT%3DZrZqzzz0zqR9i(x~X%3Dk*z_zZRi(x~y4W%3DrRi(x~(ZO~X%3DrRByT%3Dq*Iqr*0KkZRhH~XFn~X88By%3Dr_kkR(Oy%3Dr_rrr%2CrR9d%3Dz*eI7DOXdf429zUfLXpEoZRGXX%3DzERXn~9h%3DqER(99diO%3DEk%2CEkR(W%3DzRhy9T%3DDurrrrzZR(9Bi9T%3Dr%2CrR(dB~BT%3DZrZqzzz0zKR(OTU%3Dr_rrr%2CrRi(x~X%3Dz_rkRUxZ(~i(x~X%3DrRi(x~x%3DzrRBxU%3DZq_kER1WOy%3DVzRXX%3Dz*KRF(dh%3Dr_rERUxZ(~i(x~4W%3DrtrRdB9~W%3Dzz%2Cq%2Cr%2Cr%2Cr%2CI%2Cr%2CzRXh%3DzRdB9~T%3Dzkk0R(4F%3Dr%2CrROqd~X%3DZ_00%2CzzK_kKRBT%3DzRi9T%3Dqq*k1YtbIoHau2y*C5RWUxZ(~X%3Dz_zRXyT%3Dqr0***zrIEIZkkkkEIrr*r*kKrE*K0z*ZI*qkErzq0kkZZ*rzqkI*IEzkKEKIr*KZzZzqK000K0rE0kkz000KZk0rIEKEqzZzrzz0zZRi9h%3DrR(4y%3Dr_rrr%2CrR81TZd~X%3Dr_*ERBB%3DcmRWW%3DpARi93%3DVzRWF%3DrR(WU%3DIq_IZRfL%3DqrIER4X~iW%3DVZRHyB%3DzR4X~WW4B%3DVZRWy%3DXiGGOx8RXBB~g7!%3Dcm%2CcmRXOB9BZ%3Dz*KRXOB9Bz%3Dz*KRXn~BT%3DZrZqzzz0rzRTW%3DkRUxZ(~X%3DZ_00RU3~FvW%3Dr_ZZRU9B~BT%3DIz*Ri(x~(dB~X%3DzI_*KRXn~W8%3DrRTWZ%3DzRU~OBH%3DZrZ0kRxOBy%3DRWU81%3Dz_zRU9B~i(x~X%3Dr_EIRUxZ(~9~BT%3DZrZqzzz0r*RU9B~i(x~x%3DrRFy%3DZqRUxZ(~9~X%3Dr_rzRU9B~X%3DzKI_qzRUxZ(~i(x~U9%3DztVzKRi(x~yU9%3DrRUU%3DrRWUxZ(~BT%3DIZzR(GU%3DIq_IZRxZ(~X%3DzrrrR(OTd%3Dr_rrr%2CrRB9T%3DEqKKkkEIIRi(x~(dB~4W%3DrRU3i%3Dr_ZZRTZd~x%3DzrRWUxZ%3Dz_zRqdWG%3Dzrrr_EzRThh~By(1%3DnO(h8HSRTZd~X%3Dr_*ER(dB~X%3DzzK_kKRi(x~B(dB~X%3DzI_*KR(43d%3Dr_rrr%2CrR(43T%3Dr_rrr%2CrR9BQFG%3DrR9B9G%3DrRi(x~(dW~X%3DrRX9T%3Dr_rERi(x~(dB~(U%3DrRWXTd%3Dr_rzZRBT%3DzR9ySdF~9T%3Dz0RBFxxF(~yO1~9T%3Dq*Iqr*0KkZRBiddxS~yO1~9T%3DRTFyFWyFT~yO1~9T%3DRU9F3OX9x9yS%3Dr_ZZRd8B%3DqROW~ySdF%3DzROTXx4%3Dq*Iqr*0KkZROhd%3DzR81X9T%3Dr_rErRXGx(%3Dr_rzrRBi9T%3DfmtAtl53lz.6y9t~WW(22X(duiBRTyW%3D3FBy~8(RThh~F(dh%3DGOxBFRThh%3DnO(h8HSRXTdWOdT%3DrRTOx1%3DiH9B8HZKRB1hy%3Dx8H1~yO9x~n8hFdO1F~WOyWnOxxRB8Xd%3DRv9T%3Dm.YVdiXVzKEKKzIkKqEz00EqRnyhx%3DzRTWiy%3D0ERT81X%3DrVzRFWd~iBFT%3DjzrRFWd~drE%3Dr_rZRFWd~dzr%3Dr_rq0*k*EKk0KIIKIkZKRFWd~dzE%3Dr_rKE0*qEI0qEZK*IzKRFWd~dZr%3Dr_zrrkEIKIqIzKIK0kqRFWd~dZE%3Dr_zIz*IIEKzKKI00KIqRFWd~dqr%3Dr_z*ZIkzKEZ*zKKI0q0RFWd~dqE%3Dr_q0r00zkqzZEqzKqzRFWd~dIr%3Dr_IzzI0KqzIZqrKqIKRFWd~dIE%3Dr_IE*rZKZKIZKqZrqzIRFWd~dEr%3Dr_Ez0IKIrqkkrzIIEKRFWd~dEE%3Dr_Ek0Ekzr0*zqIZ0ERFWd~dKr%3Dr_KEZ0KzE**Ekkzzr*RFWd~dKE%3Dr_0IzIIrq0EIz0KK*qRFWd~d0r%3Dr_*IrKZIZk0qIqkrEqRFWd~d0E%3Dz_rEk0IrrqKK*rEkZIRFWd~dkr%3Dz_ZZIqrZ0*kzrrkzIERFWd~dkE%3Dz_KrqIIqZr*K**KKk0RFWd~d*r%3DZ_qzE0KKrKk**z*IqRFWd~d*E%3Dq_0rrKkkEKzz0zkkRFWd~d**%3D*_Z*rZZZrkzrEzKK0R9XW%3DzRHBo%3DzRy1B%3D0Zkv*rRXBX%3DrRXBd%3DrRyhv%3DZzE&HyU=r&hhh=iY8BcGL.jt4%3D&9HLG(=z&XT(LT=IKr&X9T=qI*rKk&hWG=K0zz*&STBd(=z&XOF=lvFF1I%2FOIO&4Oyd(F=z&WOT8hO9H=yoQVnbWxVbVCAncIZViiGTHEuYnZ9frcKjTqZSILAW25uC2~4S28o1%3D%3D&Sdxd=z&9B9T=E&OTU=LHUFBy8(%20a8WiB&BBhW(~UF(=E&d19T=dzz*rK000*IzyZrZqzzz0ZqZZ&BBxT=%7B%22BB9d%22%3A%22ZKrZ%3AGGWk%3ArrrZ%3Arrrr%3Arrrr%3Arrrr%3Arrrr%3Arrrr%22%2C%22BBWW%22%3A%22pA%22%2C%22BBBW%22%3A%22cw%22%2C%22BBWyS%22%3A%22liGGOx8%22%7D&nyhxB(W=z&sflct=3761804&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.60.4.23 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-60-4-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

72983cc6c282a53979ec9e0899e885e7a5c66679f93828e215a319047711f074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 31428
content-type: text/html
date: Fri, 17 Nov 2023 23:22:50 GMT
expires: Fri, 17 Nov 2023 23:22:50 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 21-6rtz

GET
H/1.1 200
OK bping.php
lg3.media.net/ Frame 16ED 35 B
338 B 131ms
45ms Image
image/gif 23.208.68.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=3048&&vgd_cdv=1115&vgd_cage=0&vgd_tsce=L320&vgd_mcf=67119&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=536688544&vi=1700263369840299635&ugd=4&lf=6&cc=US&sc=NY&lper=100&wsip=170785037&r=1700263370121&rrr=tzR-hLcl-L_QOabcrvvxnCWciUdpX9qIBFYSWyaSs_A%3D&requrl=https%3A%2F%2Fdaophatmuonmau.com%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.9X~OmYMGv9.XA~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAuuuhuA~8xLjMGvWiu.uf~xLjM7UNv9~xLjMLf1MGv9~Q7OvAiHA9ihFWf~YzMGJwMGmmQ7v9.WW~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuX~GwM8YvAX~L88Ex1vXW%2CXW~LNvu~Y78Ov0a9999uf~L8Qx8Ov9%2C9~LEQMQOvf9fAuuuhuF~L1Oev9.999%2C9~xLjMGvu.9W~ejfLMxLjMGv9~xLjMjvu9~QjevfA.WX~yN17vou~GGvuiF~JLEYv9.9X~ejfLMxLjMUNv949~EQ8MNvuu%2CA%2C9%2C9%2C9%2CH%2C9%2Cu~GYvu~EQ8MOvuWWh~LUJv9%2C9~1AEMGvf.hh%2CuuF.WF~QOvu~x8OvAAiWyt4THlzsad7iq%2F~NejfLMGvu.u~G7OvA9hiiiu9HXHfWWWWXH99i9iWF9XiFhuifHiAWX9uAhWWffi9uAWHiHXuWFXFH9iFfufuAFhhhFh9XhWWuhhhFfWh9HXFXAufu9uuhuf~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iX~QQvIK~NNvPb~x8Bvou~NJv9~LNevHA.Hf~%3DVvA9HX~UGMxNvof~z7Qvu~UGMNNUQvof~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~GwMQOvf9fAuuuh9u~ONvW~ejfLMGvf.hh~eBMJ-Nv9.ff~e8QMQOvHui~xLjMLEQMGvuH.iF~GwMNmv9~ONfvu~eM1Qzvf9fhW~j1Q7v~Nemyvu.u~e8QMxLjMGv9.XH~ejfLM8MQOvf9fAuuuh9i~e8QMxLjMjv9~J7vfA~ejfLM8MGv9.9u~e8QMGvuFH.Au~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvHfu~LkevHA.Hf~jfLMGvu999~L1OEv9.999%2C9~Q8OvXAFFWWXHH~xLjMLEQMUNv9~eBxv9.ff~OfEMjvu9~Nejfvu.u~AENkvu999.Xu~OYYMQ7Lyvw1LYmz5~OfEMGv9.iX~LEQMGvuuF.WF~xLjMQLEQMGvuH.iF~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9X~xLjMLEQMLev9~NGOEv9.9uf~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvAiHA9ihFWf~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.ff~EmQvA~1NM75EJvu~1OGjUvAiHA9ihFWf~1YEvu~myG8Ov9.9X9~GkjLv9.9u9~Qx8Ov%3DK4b4R%2FBRurc784MNNLddGLEaxQ~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGouFXFFuHWFAXuhhXA~w7Yjvu~ONx7vhX~OmyGv9ou~JNEMxQJOv%20u9~JNEME9Xv9.9f~JNEMEu9v9.9AhiWiXFWhFHHFHWfF~JNEMEuXv9.9FXhiAXHhAXfFiHuF~JNEMEf9v9.u99WXHFHAHuFHFhWA~JNEMEfXv9.uHuiHHXFuFFHhhFHA~JNEMEA9v9.uifHWuFXfiuFFHhAh~JNEMEAXv9.Ah9hhuWAufXAuFAu~JNEMEH9v9.HuuHhFAuHfA9FAHF~JNEMEHXv9.HXi9fFfFHfFAf9AuH~JNEMEX9v9.XuhHFH9AWW9uHHXF~JNEMEXXv9.XWhXWu9hiuAHfhX~JNEMEF9v9.FXfhFuXiiXWWuu9i~JNEMEFXv9.hHuHH9AhXHuhFFiA~JNEMEh9v9.iH9FfHfWhAHAW9XA~JNEMEhXvu.9XWhH99AFFi9XWfH~JNEMEW9vu.ffHA9fhiWu99WuHX~JNEMEWXvu.F9AHHAf9iFiiFFWh~JNEMEi9vf.AuXhFF9FWiiuiHA~JNEMEiXvA.h99FWWXFuuhuWW~JNEMEiivi.fi9fff9Wu9XuFFh~8GNvu~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfuX&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22Rxkk1jm%22%7D&vgd_bid=349068&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1700263369148223504&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_pgid=p11906777941t202311172322&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001700263370116016112657312721&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.208.68.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-68-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Fri, 17 Nov 2023 23:22:50 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 17 Nov 2023 23:22:50 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 1EC1 27 KB
10 KB 148ms
147ms Document
text/html 23.60.4.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.60.4.23 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-60-4-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2534182281a03a5f8ae407f1fc29e9d2656987e2b074bb8620bf18d13d596764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9622
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 23:22:50 GMT
expires: Sun, 19 Nov 2023 23:22:50 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 16ED 35 B
191 B 214ms
103ms Image
image/gif 23.216.84.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?pixel_len_bucket=6433&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=9sskLgFwsmuyoqZbcEm-ig&vid=9sskLgFwsmuyoqZbcEm-ig&dn=daophatmuonmau.com&rawDn=daophatmuonmau.com&requrl_dn=daophatmuonmau.com&pid=8PR113JGC&ugd=4&fleet=ebda&requrl=https%3A%2F%2Fdaophatmuonmau.com&cliIPV6=2602%3Affc8%3A0002%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NY&ct=Buffalo&zip=14202&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-ebda-7798f4bf6-f8qvf.OR&dtc=west_or&zone=b&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=716&sckfl=1&suid=CAESEBVwB1DMtiE_ccrjjbrpOus&sckfl2=0&smbrid=adx-1&cxtSgmt=long_tail_homepage_catchall&usp_status=0&usp_enf=1&mspa_enforced=false&gqid=AD8Fdm7U_UWWeO26Vj7iIKYmT_ahKCLTLIU2AQg695MKtfwuKXWxiZeKtKMDHa04ErqWBnSX&pexid=ADX-pub-1656614863517753&geoll=true&is_ortb=false&commit_id=b7355622&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-11-16+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&rtttime=78&req_tid_present=false&pvid=460&prvAccId=536688544&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=839288643&prspt=headerBid&prvReqId=43287323222424_1831968960_8392886434601&size=728x90&chnl=HARMONY&bdp=0.050&bid_uuid=d8644ab35d9413c20c0f14e3025ef4c9&cbdp=0.012&og_cbdp=0.050&ogbdp=0.05&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.012&dsrc=-2&dp=0&dbf=1&epc=536688544&s=1&snm=SUCCESS&pcrid=8CU7Q771E-536688544-46-29&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=22&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D0%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1700263369623&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.05&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807684000728009000059500&strg=HARMONY&vls=0&scrid=1700080807684000728009000059500&mang=1&pvdTmax=215&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=728x90&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=29a001a641&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23Mcid%3Atoken_1%23%23NedCkflWithData%3ADEFAULT%23%23launchexp%3Atoken2%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&acid=1543d280f7c2955181233a9399900575&rtime=24.0&wsip=mowx-67b8f5b4f6-wvhv8&ltime=31.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D0&adtypes=0&adblk=3943097682&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=1543d280f7c2955181233a9399900575_1&policy_enf=2&pub_blk_enf=1&req_size=728x90&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=2&adpos=3&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=9sskLgFwsmuyoqZbcEm-ig_1&supplyTagId=3943097682&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&mp_seg%3C%3E=100273&debug_ts=2023-11-17+23%3A22%3A49&__expireat=1700263969880&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.050&lo_cbdp=0.012&actltime=31&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.05~dom_b%3D0.53~scd%3Dny~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2023111713~iurl_b%3D891.12~url_tkc%3D0~url_r2a_b%3D0~std%3D3943097682~mn_beh_boost%3D0.88~rat%3D0.000%2C0~ip%3D19J4TPabpCkji1vCIbU5z2~fbb%3D15~bh_im%3D35~riipua%3D58%2C58~rc%3D1~mtid%3DPO000012~risuid%3D0%2C0~rps_sd%3D2023111716~radv%3D0.000%2C0~url_b%3D1.08~vl2r_url_b%3D0~url_l%3D10~slv%3D23.85~gcat%3D-1~bb%3D196~erpm%3D0.05~vl2r_url_kc%3D0E0~psi_c%3D11%2C3%2C0%2C0%2C0%2C4%2C0%2C1~bm%3D1~psi_d%3D1887~rke%3D0%2C0~a3p_b%3D2.77%2C116.86~sd%3D1~uid%3D3398gXEL4znFOjt9HV~cvl2r_b%3D1.1~btd%3D3079991045428888540090986059671924938501378822901384945186564096212136777670578817776287045653121011712~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.95~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rcv%3D43.42~CI%3D3045~kb_uc%3D-2~nts%3D1~kb_ccks%3D-2~ct%3Dbuffalo~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~bh_sd%3D2023111701~dc%3D8~vl2r_b%3D2.77~vw_exc%3D0.22~vis_sd%3D419~url_rps_b%3D14.96~bh_co%3D0~dc2%3D1~v_asn%3D20278~last%3D~cvog%3D1.1~vis_url_b%3D0.54~vl2r_i_sd%3D2023111709~vis_url_l%3D0~et%3D23~vl2r_i_b%3D0.01~vis_b%3D164.31~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D421~rfv%3D43.42~l2r_b%3D1000~radp%3D0.000%2C0~sid%3D536688544~url_rps_kc%3D0~vwu%3D0.22~d2p_l%3D10~cvl2%3D1.1~3pcf%3D1000.51~dmm_strg%3Dharmony~d2p_b%3D0.95~rps_b%3D116.86~url_srps_b%3D14.96~rkwp%3D0.000%2C0~rkwd%3D0.000%2C0~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.05~url_rps_rv%3D0~cbdp%3D0.012%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D3943097682%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.22%7Epos%3D3%7Eac_type%3D1%7Eadblk%3D3943097682%7Eamp%3D1%7Eogbid%3D0.050%7Ebflr%3D0.010%7Esuid%3DCAESEBVwB1DMtiE_ccrjjbrpOus%7Edtc%3Dwest_or%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison26%7Esgmt%3Dlong_tail_homepage_catchall%7Esobp%3D%7Exid%3DADX-pub-1656614863517753%7Ehtml%3D1%7Edcut%3D75%7Edogb%3D0-1%7Eecp_used%3Dq10%7Eecp_p05%3D0.02%7Eecp_p10%3D0.037989568764464826%7Eecp_p15%3D0.06579354735269416%7Eecp_p20%3D0.10085464341646783%7Eecp_p25%3D0.14194456166477643%7Eecp_p30%3D0.19248165291664737%7Eecp_p35%3D0.3707718312531631%7Eecp_p40%3D0.4114763142306346%7Eecp_p45%3D0.45902626426320314%7Eecp_p50%3D0.5174640388014456%7Eecp_p55%3D0.587581079134275%7Eecp_p60%3D0.6527615995881109%7Eecp_p65%3D0.7414403754176693%7Eecp_p70%3D0.9406242873438053%7Eecp_p75%3D1.0587400366905824%7Eecp_p80%3D1.2243027981008145%7Eecp_p85%3D1.6034432096996687%7Eecp_p90%3D2.315766068991943%7Eecp_p95%3D3.70068856117188%7Eecp_p99%3D9.290222081051667~ibc%3D1~nsz%3D1~tgs%3D728x90~bsb%3D0~bsp%3D0~tmx%3D215&utime=505&sf=0&cpr=0.8748265029261257

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.216.84.23 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-216-84-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 17 Nov 2023 23:22:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6082 1 KB
643 B 34ms
33ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 35821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 13:25:49 GMT
etag: 48472445140208031
expires: Sat, 18 Nov 2023 13:25:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 16ED 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b42ef679fab174e5eee7f79474869baba73e31f360df006b613a28319ee655f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 16ED 0
19 B 68ms
67ms Image
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnZ1PyfVXZcjLGYKNkPIP2_2hiAS-laSvbPfa0tOsDMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTE2NTY2MTQ4NjM1MTc3NTPIAQmoAwHIAwKqBPgBT9CfOoJzovACnObGY8tXhDdHYKRqxXNCPpC3lrPFPQoQbO-oDrnxAqrjU44bL123nigbMX001-uNhvJrxVc-1pEYh2NQMCESgmtnaGJiZ-dzwkcE89tCwvto-hTwcEaMNMDLarWPUqw_ELxJ5qos7JBvF8SdaTBhGWhgNXFFtKIS-H7mhFVjmLS8Ed3zGW8VrnhpK86yWrGjzvciBSi-bedZxwwe7c-4Z10ul5cikoJ2oEMJuKQiXquUxaNy7DKu2a5Z8isdM0WzeCknBcM2G6t9XF56e6EzIuetRjt9W_A-hHoYrC6AflJlcGKokzlQC5OvkLyEZLuABofxr5Or-JijOaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTY1NjYxNDg2MzUxNzc1MxgA&sigh=tB7ab9qCT-o&uach_m=[UACH]&cid=CAQSPADICaaN29ZnNJj55Lt7vEoGe13DZiDDkhOUTB4ObHo4_q-RyMTWQw3gFxy8bE8kj9HVlxiO0h2uZStfKxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=90&adk=3943097682&adf=1959283240&pi=t.aa~a.3008615530~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x90&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=1&bdt=1842&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C750x280%2C750x280%2C750x250&nras=6&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 23:22:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame 16ED 35 B
191 B 116ms
47ms Image
image/gif 23.216.84.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATjQzMjg3MzIzMjIyNDI0XzE4MzE5Njg5NjBfODM5Mjg4NjQzNDYwMUAxNTQzZDI4MGY3YzI5NTUxODEyMzNhOTM5OTkwMDU3NZgHmpmZmZmZqT80aHR0cHM6Ly9kYW9waGF0bXVvbm1hdS5jb20EVVMA6AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xNTkgU2FmYXJpLzUzNy4zNiRkYW9waGF0bXVvbm1hdS5jb20SOENVVTlKRjhICAw3Mjh4OTAKMC4wMTIOd2VzdF9vcgZBRFgICG51cmwAAAAAAAAANkCu7sD5-2ICMgAAAAAAAPC_NnJ0Yi1lYmRhLTc3OThmNGJmNi1mOHF2Zi5PUj4xNzAwMDgwODA3Njg0MDAwNzI4MDA5MDAwMDU5NTAwAhBiNzM1NTYyMgJiAg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.216.84.23 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-216-84-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 17 Nov 2023 23:22:50 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 16ED 35 B
296 B 218ms
34ms Image
image/gif 23.12.144.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=1543d280f7c2955181233a9399900575&algo=unison26&bdp=0.0500&bidfp=0.0100&capd=0&cc=US&cid=8CUU9JF8H&crid=839288643&ct=Buffalo&dc=west_or&dfpbd=0.0120&dn=daophatmuonmau.com&iwb=1&ogcbdp=0.0500&other_bids=0.05&other_prv=460&pbshr=100.0000&prdp=0.0120&requrl=daophatmuonmau.com%2F&sat=1&sc=NY&sc_pvid=460&send_erpm=true&server=1&size=728x90&strg=harmony&totalTime=6526969&ugd=4&ver=9.6.3&cliIP=0&time_stamp=2023-11-17%2023%3A22%3A49&seat=BID_API&itype=adx&req_id=9sskLgFwsmuyoqZbcEm-ig&dfp_bucket=0.0&level_base=0&bdp_bucket=0.05&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.159%20Safari%2F537.36&br_ver=119.0.6045.159&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&seg=long_tail_homepage_catchall&f_seg=long_tail_homepage_catchall&model_key=generic_adx_1-cid_0&ogerpm=0.0500&ogerpm_used=false&rawbid=0.0500&totalTimeBucket=6&as_cache=0&sub_bidder=196&current_day=5.0&current_hour=23&cut=76&floor_bucket=0.00&model_version=202311171711_generic_adx_1-cid_0&erpm_bucket=0.05&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=2&viewability=0.2200&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=1&predicted_wr=60.7131&bdp_wider_bucket=1&adblk=3943097682&dim10=false&dmm_m9=0.0000&dmm_m10=2082350&log_less=false&cut_bkt=75&advurl=related.investorfocus.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-ebda-7798f4bf6-f8qvf.OR&dmm_m1=2023-11-17%2023%3A22%3A49.625242701&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0500&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807684000728009000059500&erpm_mult=1.000000&zone=b&rc=-1&ecp_p50=0.5174640388014456&ecp_p75=1.0587400366905824&ecp_avg=0.02&ecp_status=Success&ecp_used=q10&ecp_rtime=1297.0&sfm_key=mowx_8CUU9JF8H_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-67b8f5b4f6-wvhv8&rel_cut_bkt=95&ecp_ver=multiquantile&djvm=9.5.8&ecp_p25=0.14194456166477643&ecp_p60=0.6527615995881109&ecp_p70=0.9406242873438053&ecp_p80=1.2243027981008145&ecp_p85=1.6034432096996687&ecp_p90=2.315766068991943&ecp_p95=3.70068856117188&ecp_p99=9.290222081051667&optimal_cut=0.0&cut_cluster=0.0&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1656614863517753&output=html&h=90&adk=3943097682&adf=1959283240&pi=t.aa~a.3008615530~rp.4&w=750&fwrn=1&fwrnh=100&lmt=1700263369&rafmt=1&to=qs&pwprc=2371705645&format=750x90&url=https%3A%2F%2Fdaophatmuonmau.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263369336&bpp=1&bdt=1842&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C750x280%2C750x280%2C750x250&nras=6&correlator=5801919852783&frm=20&pv=1&ga_vid=973047983.1700263369&ga_sid=1700263369&ga_hid=305308253&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44809317%2C31078297%2C31079654%2C44807763%2C44808148%2C44808285%2C44809057&oid=2&pvsid=1561733453930361&tmod=935265164&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.12.144.32 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-12-144-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 23:22:50 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 17 Nov 2023 23:22:50 GMT

GET
H3 200 selectize.min.js Show response
daophatmuonmau.com/wp-content/plugins/wp-books-gallery/assets/js/ 45 KB
16 KB 413ms
413ms Script
application/javascript 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/plugins/wp-books-gallery/assets/js/selectize.min.js?ver=4.5.8
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb953b7bb17b8c55450856811b9fb8b3373ee909927ca7b7444874da9ddad078

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:21:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b30c-608fed6782748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fen0M0AfoB0FnMgsOwKy1gJ%2BM4%2FSbk1Jmw86zFC3LC78vHA3vuBC68nCA%2FtQvse6IQ8nyZwxL08Wm9qV2HCHKn6t%2F7HeoYUI%2Fl8klEL4Pgu68Qut9PEaWBlSGWc9%2FK5kY4bv2FMz%2B%2F3ZRqOCnjHEcMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 827bb7cfb94a4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 wbg-front.js Show response
daophatmuonmau.com/wp-content/plugins/wp-books-gallery/assets/js/ 4 KB
1 KB 242ms
241ms Script
application/javascript 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/plugins/wp-books-gallery/assets/js/wbg-front.js?ver=4.5.8
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d124b000a906b496d1c98304c8a274efa14f7e7247c014c9f53d41ac9bf289e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 08:21:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f20-608fed680fd06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wwmRhTCGJpOAVisNbPA0rJ3mLvhO6wMhv7L7GtX8uADmy3iorhtWmIAt1itQVqLvpQKp3ZJNy5zcpjU09Ms1TLUiPTgg6N4j5DqmTo3nmbD1PCY9kZJhM73HgTcQwO8g9n1A2V0UEtUy7ePSynt4wk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 827bb7cfb94b4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 front.min.js Show response
daophatmuonmau.com/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 243ms
242ms Script
application/javascript 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2309
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 15 Nov 2023 03:33:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"180f-60a2892e15d3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8YNEWMRLV8V2S3fSYzYglEQ8y7B1MWMbwDb45FhjbcNe%2FvhKMXVK%2Feid0qiyKfV63%2F7AuwtfByJJGJlysm5xD%2FKkd0h36qN0gGyWslDjO6okANE9hDQefduGMOFftKcwAs46gvaqTkgkx3aQyk%2Bsow%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 827bb7cfb94c4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 skip-link-focus-fix.js Show response
daophatmuonmau.com/wp-content/themes/blog-way/assets/js/ 880 B
908 B 410ms
409ms Script
application/javascript 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/themes/blog-way/assets/js/skip-link-focus-fix.js?ver=20161202
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 09:45:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"370-609000443e25d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3bsvp4%2B951UWXmZLs%2BYAqE9OTELRKubQ34GmMOxlzTtjJeTHxz%2FuS4ZkwHMHBxlvBt0CDEcQ%2BR332sP3E%2BCP5rfsWCBxI7SQ3f3QhBDD4sMHFJeepboqG9vyMDOEFn3%2Bv5Xu58G6m2ONdTG96HiN84%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 827bb7cfb94d4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/bootstrap/ 36 KB
10 KB 414ms
413ms Script
application/javascript 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/bootstrap/bootstrap.min.js?ver=20161202
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 09:45:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"90b5-609000443e645"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEyVzv8vWDFGePu68idooSk%2BBcP%2BWNRiMzV1tOR5azp5JFOGNLUqNkmHTr9wgJjjOmmSK1PFY6g0%2B6zgfemOdvmd2t05Mlr34Mo75h34x2tf36gLzkMyb8WQ7wPkwMMsA1%2BUnGDTb%2BX6B9hn03lnWec%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 827bb7cfb94e4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.meanmenu.js Show response
daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/meanmenu/ 12 KB
4 KB 243ms
242ms Script
application/javascript 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/themes/blog-way/assets/third-party/meanmenu/jquery.meanmenu.js?ver=20161202
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d923c995b04887561c723f5072c2d435f622932c53ed4ce6f2adafebaa2257

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 09:45:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"300e-609000443ee15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jrkr3e777O8uYBPkBWZ69I919vWo7t6Dazxg1%2FWQol8ZnwTxNYGR1us4cVlg8RPvugwlZSn3kdo0cPkkUFYCF6TEwC98s27lxScwBLbfHnNocYmf6OXI9KIaDsMrqxk4ugMVRAunjp%2B3ZCcuAx8mXU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 827bb7cfb94f4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom.js Show response
daophatmuonmau.com/wp-content/themes/blog-way/assets/js/ 732 B
855 B 415ms
414ms Script
application/javascript 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-content/themes/blog-way/assets/js/custom.js?ver=20161202
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb8b07d4e6254f86f86fe22f68d150e213b3b0e8d3afb51739e9ebdb82c4f09c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Oct 2023 09:45:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2dc-609000443e25d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QY0C%2Be7hjnbxjeDAgQ2GV%2FCZJ4LuPN5r12bv7RBxoyuCv4O2FAjOtOUeeBEGO4HYDvTyU5PQ86x4CXDTjCMbfI9Mx0I8ofJfRq1hjKHmJH4dGTtL%2BzTGPwX7%2F%2BoHTafikhcWJl5tkwf95U%2BM8KYD7q4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 827bb7cfb9504bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6082
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEASLJvDD76Awb5eW2_NZ92s&google_cver=1&google_push=AXcoOmT78aOO6-IdvCOK5086IIGNKR-bdAvAZjR_wp-6IT-xouoPdRX...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=25efafa2eff21065&is_secure=true&networkId=14000&version=1&google_gid=CAESEASLJvDD76Awb5eW2_NZ92s&google_cver=1&google_push=AXcoOmT78aOO...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGTgYYOGt3cQMXayhVAAAAAAA&expiration=1700349770&google_cver=1&is_secure=true&google_gid=CAESEASLJvDD76Awb5eW2_NZ9...

170 B
188 B

44ms
44ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGTgYYOGt3cQMXayhVAAAAAAA&expiration=1700349770&google_cver=1&is_secure=true&google_gid=CAESEASLJvDD76Awb5eW2_NZ92s&google_push=AXcoOmT78aOO6-IdvCOK5086IIGNKR-bdAvAZjR_wp-6IT-xouoPdRXOchkF0siJ8abAdmqtVcIKWnS9TfbeDC4ADB-ye4QGIPjNybDpkQO-z_bCMlrf1YHNSOEcBrcLk0jzNhLVaw-9BPxGf_j9HldUJJIbnw

Requested by

Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGTgYYOGt3cQMXayhVAAAAAAA&expiration=1700349770&google_cver=1&is_secure=true&google_gid=CAESEASLJvDD76Awb5eW2_NZ92s&google_push=AXcoOmT78aOO6-IdvCOK5086IIGNKR-bdAvAZjR_wp-6IT-xouoPdRXOchkF0siJ8abAdmqtVcIKWnS9TfbeDC4ADB-ye4QGIPjNybDpkQO-z_bCMlrf1YHNSOEcBrcLk0jzNhLVaw-9BPxGf_j9HldUJJIbnw
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6082
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKIexVyevHYocIzAoM_81MU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKIexVyevHYocIzAoM_81MU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SWpxVTF1Mk8xUjQ4YUs1&google_gid=CAESEKIexVyevHYocIzAoM_81MU&google_cver=1&google_push=AXcoOmSyw93eqKoFErXISkuSmTCgb2elZnLKjWUTeL2huu9...

170 B
188 B

44ms
44ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SWpxVTF1Mk8xUjQ4YUs1&google_gid=CAESEKIexVyevHYocIzAoM_81MU&google_cver=1&google_push=AXcoOmSyw93eqKoFErXISkuSmTCgb2elZnLKjWUTeL2huu9IIj2Al0vNGwfvbklaYPHf99Eu6NMyAWIrgKZTlSxU1eDD3s-eURdMtEMfJSDu7YnWUj9b162cw9CaRQ4SDHfZpcotSRHUfi9MES7pV_5WsHe64A

Requested by

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 23:22:49 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-018b8b33f7e4bff42@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SWpxVTF1Mk8xUjQ4YUs1&google_gid=CAESEKIexVyevHYocIzAoM_81MU&google_cver=1&google_push=AXcoOmSyw93eqKoFErXISkuSmTCgb2elZnLKjWUTeL2huu9IIj2Al0vNGwfvbklaYPHf99Eu6NMyAWIrgKZTlSxU1eDD3s-eURdMtEMfJSDu7YnWUj9b162cw9CaRQ4SDHfZpcotSRHUfi9MES7pV_5WsHe64A
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6082
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESENqtldp42SJTStfqPOyD4i0&google_cver=1&google_push=AXcoOmSn0dDK0vvHngvV5d2pcaXXfqs0EdlN_iwP1-L5NGV2v9Y0FCau7mRtngP0zcHArpRx5gofbMdjVDCW2-xQsU9Vh-P3nlbT...
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSn0dDK0vvHngvV5d2pcaXXfqs0EdlN_iwP1-L5NGV2v9Y0FCau7mRtngP0zcHArpRx5gofbMdjVDCW2-xQsU9Vh-P3nlbTnHK9dufQo6QjaXX6u_aKpVUzn39...

170 B
243 B

45ms
45ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSn0dDK0vvHngvV5d2pcaXXfqs0EdlN_iwP1-L5NGV2v9Y0FCau7mRtngP0zcHArpRx5gofbMdjVDCW2-xQsU9Vh-P3nlbTnHK9dufQo6QjaXX6u_aKpVUzn39rNBvME2-SG36nU76kHjfe-C0Bi5sN&google_hm=UjMzNjQ2XzEwQzRGREYzRl85MUQ3MTY3Qg%3D%3D

Requested by

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSn0dDK0vvHngvV5d2pcaXXfqs0EdlN_iwP1-L5NGV2v9Y0FCau7mRtngP0zcHArpRx5gofbMdjVDCW2-xQsU9Vh-P3nlbTnHK9dufQo6QjaXX6u_aKpVUzn39rNBvME2-SG36nU76kHjfe-C0Bi5sN&google_hm=UjMzNjQ2XzEwQzRGREYzRl85MUQ3MTY3Qg%3D%3D
Date: Fri, 17 Nov 2023 23:22:49 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-383268170; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 402
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6082
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE5Ev3_KF3Qt8eoahpHPXoo&google_cver=1&google_push=AXcoOmQPdYV25VOfOCLdqWdWzE9ZJCaN7U-toA0QzJsJxU7USZovjro15yzfeL1it-tLaPZpdsUlF5DDu_U__BrgqI...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEE5Ev3_KF3Qt8eoahpHPXoo&google_cver=1&google_push=AXcoOmQPdYV25VOfOCLdqWdWzE9ZJCaN7U-toA0QzJsJxU7USZovjro15yzfeL1it-tLaPZpdsUlF5DDu_U__BrgqI...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGQxMzEwYzYtZTg1OC00MzIyLWIxMzEtMzVkOTZmNzA1YjI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4d1310c6-e858-4322-b131-35d96f705b29

170 B
188 B

44ms
43ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGQxMzEwYzYtZTg1OC00MzIyLWIxMzEtMzVkOTZmNzA1YjI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4d1310c6-e858-4322-b131-35d96f705b29

Requested by

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGQxMzEwYzYtZTg1OC00MzIyLWIxMzEtMzVkOTZmNzA1YjI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4d1310c6-e858-4322-b131-35d96f705b29
date: Fri, 17 Nov 2023 23:22:50 GMT
server: Kestrel
content-length: 423

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6082
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEELjpF2k9759jcXozZuygJg&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTYyN2JhNTAtYWFkZi00ZDQzLWJjOTktMzU5Njc5MThlYWNk&google_gid=CAESEELjpF2k9759jcXozZuygJg&google_cver=1&google_push=AXcoOmTh...

170 B
232 B

47ms
46ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTYyN2JhNTAtYWFkZi00ZDQzLWJjOTktMzU5Njc5MThlYWNk&google_gid=CAESEELjpF2k9759jcXozZuygJg&google_cver=1&google_push=AXcoOmThJnw8eWSqA7sfR2t83vd1bOd_DU3-OEDsrDfVpit3o-QqNtxcHbDBrRszmRiBDYf4uNfB9SEvK6YlZ3LKxPjk3OE0rkQL-608cP3cvlTGoLl6j7eoAOXQEnQx-AcLwKOkQYMFEeGegv6OabiDmm8PGA

Requested by

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTYyN2JhNTAtYWFkZi00ZDQzLWJjOTktMzU5Njc5MThlYWNk&google_gid=CAESEELjpF2k9759jcXozZuygJg&google_cver=1&google_push=AXcoOmThJnw8eWSqA7sfR2t83vd1bOd_DU3-OEDsrDfVpit3o-QqNtxcHbDBrRszmRiBDYf4uNfB9SEvK6YlZ3LKxPjk3OE0rkQL-608cP3cvlTGoLl6j7eoAOXQEnQx-AcLwKOkQYMFEeGegv6OabiDmm8PGA
date: Fri, 17 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6082
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENnqEb6aXO0xMo7a9oOSsXE&google_cver=1&google_push=AXcoOmSXm9fczv2m6eOFturMt_avm734J_F2eXTLU5IyJmVlKxXUoWpBVaxaceyMdWWXl88nveEWgUW7xHDeCGezza3UW3S...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXm9fczv2m6eOFturMt_avm734J_F2eXTLU5IyJmVlKxXUoWpBVaxaceyMdWWXl88nveEWgUW7xHDeCGezza3UW3SHLkMOZ7DGku540MuUEJ8-F_4KOe93MzoEES438...

170 B
232 B

55ms
54ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXm9fczv2m6eOFturMt_avm734J_F2eXTLU5IyJmVlKxXUoWpBVaxaceyMdWWXl88nveEWgUW7xHDeCGezza3UW3SHLkMOZ7DGku540MuUEJ8-F_4KOe93MzoEES438meyYzzJbsp-EkRl9wTeMqG04Q&google_hm=eS1oNnRzNnExRTJwSGhkUlAxRTBIeGFqZ3RqV0Z5ZDJlcH5B

Requested by

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXm9fczv2m6eOFturMt_avm734J_F2eXTLU5IyJmVlKxXUoWpBVaxaceyMdWWXl88nveEWgUW7xHDeCGezza3UW3SHLkMOZ7DGku540MuUEJ8-F_4KOe93MzoEES438meyYzzJbsp-EkRl9wTeMqG04Q&google_hm=eS1oNnRzNnExRTJwSGhkUlAxRTBIeGFqZ3RqV0Z5ZDJlcH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6082
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELkWP3GH9EeCV797pEZgEBQ&google_cver=1&google_push=AXcoOmQPqxIfiF6j--IK61hia90IqdL9qR22FuRW1a4EiCHMG_w9qr4RgIwQscEIAL3nMXkUeJmnrxHSQ5Cu...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQPqxIfiF6j--IK61hia90IqdL9qR22FuRW1a4EiCHMG_w9qr4RgIwQscEIAL3nMXkUeJmnrxHSQ5CuzOuBcoQnoYbKsFEXag-HstFQ7G8PA6ggSP_r...

170 B
232 B

45ms
45ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQPqxIfiF6j--IK61hia90IqdL9qR22FuRW1a4EiCHMG_w9qr4RgIwQscEIAL3nMXkUeJmnrxHSQ5CuzOuBcoQnoYbKsFEXag-HstFQ7G8PA6ggSP_rqC7OS8tNc286EWowAbebMbdgNyD9FmQZsCOd

Requested by

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQPqxIfiF6j--IK61hia90IqdL9qR22FuRW1a4EiCHMG_w9qr4RgIwQscEIAL3nMXkUeJmnrxHSQ5CuzOuBcoQnoYbKsFEXag-HstFQ7G8PA6ggSP_rqC7OS8tNc286EWowAbebMbdgNyD9FmQZsCOd
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6082 0
130 B 113ms
42ms Image
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvzuxlV1QrnLsDD9BTxg4gvnLMRmcTq-Q49lAqXoDlqaKFcbCx0ZFxf80nJtbfVQhd-RRv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame 1EC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQzMjY0OTcwNjU3MzE3MDAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEADZnKkB-cU3JxJvz1Xtl3g&google_cver=1

53 B
618 B

181ms
94ms

Image
image/gif

23.208.68.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEADZnKkB-cU3JxJvz1Xtl3g&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Server: 23.208.68.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-208-68-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 23:22:50 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 53
x-mnet-hl2: E
Expires: Fri, 17 Nov 2023 23:22:50 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEADZnKkB-cU3JxJvz1Xtl3g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4fd68a94-c8a4-4fbc-b03c-f65200b3d570.jpg
contextual.media.net/kimg/new/140x110/2/117/117/46/ Frame 569A 18 KB
18 KB 65ms
64ms Image
image/jpeg 23.60.4.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/kimg/new/140x110/2/117/117/46/4fd68a94-c8a4-4fbc-b03c-f65200b3d570.jpg?v=9

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3287&&kkdd=nA%7CW%7Cuhn3*9AH&93=0Zk&U9=z0rrZKqqK*kIrZ**KqE&1Td(=r&hBdO=r&WTU=zzzE&yBWF=bqZr&W9T=kfp0J00zt&WdWT=JWj18vli~etlSz~~V((eW3%3D%3D&W(9T=EqKKkkEII&B9oF=0Zkv*r&WW=pA&BW=cw&WnHh=CmQ6ucw&d9T=kDuQI5!0c&yd9T=7eEIKA*&nyydB=z&(((=yoQVnbWxVb~JuOXW(UUvHf!W9pTdY*jLlawA!SOAB~m%3D&HBF=E&x3=z&i1T=I&OTyz=kfpp*eakC&OTyZ=kq*ZkkKIq&XTOyO=BTZ%3DHixxR9i(x~x%3DzrR81F(dh%3Dr_rERT8h~X%3Dr_EqRBWT%3DHSR(OF%3Dr%2CrRT8h~x%3DZrRUxZ(~BT%3DZrZqzzz0zqR9i(x~X%3Dk*z_zZRi(x~y4W%3DrRi(x~(ZO~X%3DrRByT%3Dq*Iqr*0KkZRhH~XFn~X88By%3Dr_kkR(Oy%3Dr_rrr%2CrR9d%3Dz*eI7DOXdf429zUfLXpEoZRGXX%3DzERXn~9h%3DqER(99diO%3DEk%2CEkR(W%3DzRhy9T%3DDurrrrzZR(9Bi9T%3Dr%2CrR(dB~BT%3DZrZqzzz0zKR(OTU%3Dr_rrr%2CrRi(x~X%3Dz_rkRUxZ(~i(x~X%3DrRi(x~x%3DzrRBxU%3DZq_kER1WOy%3DVzRXX%3Dz*KRF(dh%3Dr_rERUxZ(~i(x~4W%3DrtrRdB9~W%3Dzz%2Cq%2Cr%2Cr%2Cr%2CI%2Cr%2CzRXh%3DzRdB9~T%3Dzkk0R(4F%3Dr%2CrROqd~X%3DZ_00%2CzzK_kKRBT%3DzRi9T%3Dqq*k1YtbIoHau2y*C5RWUxZ(~X%3Dz_zRXyT%3Dqr0***zrIEIZkkkkEIrr*r*kKrE*K0z*ZI*qkErzq0kkZZ*rzqkI*IEzkKEKIr*KZzZzqK000K0rE0kkz000KZk0rIEKEqzZzrzz0zZRi9h%3DrR(4y%3Dr_rrr%2CrR81TZd~X%3Dr_*ERBB%3DcmRWW%3DpARi93%3DVzRWF%3DrR(WU%3DIq_IZRfL%3DqrIER4X~iW%3DVZRHyB%3DzR4X~WW4B%3DVZRWy%3DXiGGOx8RXBB~g7!%3Dcm%2CcmRXOB9BZ%3Dz*KRXOB9Bz%3Dz*KRXn~BT%3DZrZqzzz0rzRTW%3DkRUxZ(~X%3DZ_00RU3~FvW%3Dr_ZZRU9B~BT%3DIz*Ri(x~(dB~X%3DzI_*KRXn~W8%3DrRTWZ%3DzRU~OBH%3DZrZ0kRxOBy%3DRWU81%3Dz_zRU9B~i(x~X%3Dr_EIRUxZ(~9~BT%3DZrZqzzz0r*RU9B~i(x~x%3DrRFy%3DZqRUxZ(~9~X%3Dr_rzRU9B~X%3DzKI_qzRUxZ(~i(x~U9%3DztVzKRi(x~yU9%3DrRUU%3DrRWUxZ(~BT%3DIZzR(GU%3DIq_IZRxZ(~X%3DzrrrR(OTd%3Dr_rrr%2CrRB9T%3DEqKKkkEIIRi(x~(dB~4W%3DrRU3i%3Dr_ZZRTZd~x%3DzrRWUxZ%3Dz_zRqdWG%3Dzrrr_EzRThh~By(1%3DnO(h8HSRTZd~X%3Dr_*ER(dB~X%3DzzK_kKRi(x~B(dB~X%3DzI_*KR(43d%3Dr_rrr%2CrR(43T%3Dr_rrr%2CrR9BQFG%3DrR9B9G%3DrRi(x~(dW~X%3DrRX9T%3Dr_rERi(x~(dB~(U%3DrRWXTd%3Dr_rzZRBT%3DzR9ySdF~9T%3Dz0RBFxxF(~yO1~9T%3Dq*Iqr*0KkZRBiddxS~yO1~9T%3DRTFyFWyFT~yO1~9T%3DRU9F3OX9x9yS%3Dr_ZZRd8B%3DqROW~ySdF%3DzROTXx4%3Dq*Iqr*0KkZROhd%3DzR81X9T%3Dr_rErRXGx(%3Dr_rzrRBi9T%3DfmtAtl53lz.6y9t~WW(22X(duiBRTyW%3D3FBy~8(RThh~F(dh%3DGOxBFRThh%3DnO(h8HSRXTdWOdT%3DrRTOx1%3DiH9B8HZKRB1hy%3Dx8H1~yO9x~n8hFdO1F~WOyWnOxxRB8Xd%3DRv9T%3Dm.YVdiXVzKEKKzIkKqEz00EqRnyhx%3DzRTWiy%3D0ERT81X%3DrVzRFWd~iBFT%3DjzrRFWd~drE%3Dr_rZRFWd~dzr%3Dr_rq0*k*EKk0KIIKIkZKRFWd~dzE%3Dr_rKE0*qEI0qEZK*IzKRFWd~dZr%3Dr_zrrkEIKIqIzKIK0kqRFWd~dZE%3Dr_zIz*IIEKzKKI00KIqRFWd~dqr%3Dr_z*ZIkzKEZ*zKKI0q0RFWd~dqE%3Dr_q0r00zkqzZEqzKqzRFWd~dIr%3Dr_IzzI0KqzIZqrKqIKRFWd~dIE%3Dr_IE*rZKZKIZKqZrqzIRFWd~dEr%3Dr_Ez0IKIrqkkrzIIEKRFWd~dEE%3Dr_Ek0Ekzr0*zqIZ0ERFWd~dKr%3Dr_KEZ0KzE**Ekkzzr*RFWd~dKE%3Dr_0IzIIrq0EIz0KK*qRFWd~d0r%3Dr_*IrKZIZk0qIqkrEqRFWd~d0E%3Dz_rEk0IrrqKK*rEkZIRFWd~dkr%3Dz_ZZIqrZ0*kzrrkzIERFWd~dkE%3Dz_KrqIIqZr*K**KKk0RFWd~d*r%3DZ_qzE0KKrKk**z*IqRFWd~d*E%3Dq_0rrKkkEKzz0zkkRFWd~d**%3D*_Z*rZZZrkzrEzKK0R9XW%3DzRHBo%3DzRy1B%3D0Zkv*rRXBX%3DrRXBd%3DrRyhv%3DZzE&HyU=r&hhh=iY8BcGL.jt4%3D&9HLG(=z&XT(LT=IKr&X9T=qI*rKk&hWG=K0zz*&STBd(=z&XOF=lvFF1I%2FOIO&4Oyd(F=z&WOT8hO9H=yoQVnbWxVbVCAncIZViiGTHEuYnZ9frcKjTqZSILAW25uC2~4S28o1%3D%3D&Sdxd=z&9B9T=E&OTU=LHUFBy8(%20a8WiB&BBhW(~UF(=E&d19T=dzz*rK000*IzyZrZqzzz0ZqZZ&BBxT=%7B%22BB9d%22%3A%22ZKrZ%3AGGWk%3ArrrZ%3Arrrr%3Arrrr%3Arrrr%3Arrrr%3Arrrr%22%2C%22BBWW%22%3A%22pA%22%2C%22BBBW%22%3A%22cw%22%2C%22BBWyS%22%3A%22liGGOx8%22%7D&nyhxB(W=z&sflct=3761804&ure=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.60.4.23 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-60-4-23.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7b2fed86bcc2715e8ad7ab84337eb06fe406c1f3ccc728db3e7394abc6537062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3287&&kkdd=nA%7CW%7Cuhn3*9AH&93=0Zk&U9=z0rrZKqqK*kIrZ**KqE&1Td(=r&hBdO=r&WTU=zzzE&yBWF=bqZr&W9T=kfp0J00zt&WdWT=JWj18vli~etlSz~~V((eW3%3D%3D&W(9T=EqKKkkEII&B9oF=0Zkv*r&WW=pA&BW=cw&WnHh=CmQ6ucw&d9T=kDuQI5!0c&yd9T=7eEIKA*&nyydB=z&(((=yoQVnbWxVb~JuOXW(UUvHf!W9pTdY*jLlawA!SOAB~m%3D&HBF=E&x3=z&i1T=I&OTyz=kfpp*eakC&OTyZ=kq*ZkkKIq&XTOyO=BTZ%3DHixxR9i(x~x%3DzrR81F(dh%3Dr_rERT8h~X%3Dr_EqRBWT%3DHSR(OF%3Dr%2CrRT8h~x%3DZrRUxZ(~BT%3DZrZqzzz0zqR9i(x~X%3Dk*z_zZRi(x~y4W%3DrRi(x~(ZO~X%3DrRByT%3Dq*Iqr*0KkZRhH~XFn~X88By%3Dr_kkR(Oy%3Dr_rrr%2CrR9d%3Dz*eI7DOXdf429zUfLXpEoZRGXX%3DzERXn~9h%3DqER(99diO%3DEk%2CEkR(W%3DzRhy9T%3DDurrrrzZR(9Bi9T%3Dr%2CrR(dB~BT%3DZrZqzzz0zKR(OTU%3Dr_rrr%2CrRi(x~X%3Dz_rkRUxZ(~i(x~X%3DrRi(x~x%3DzrRBxU%3DZq_kER1WOy%3DVzRXX%3Dz*KRF(dh%3Dr_rERUxZ(~i(x~4W%3DrtrRdB9~W%3Dzz%2Cq%2Cr%2Cr%2Cr%2CI%2Cr%2CzRXh%3DzRdB9~T%3Dzkk0R(4F%3Dr%2CrROqd~X%3DZ_00%2CzzK_kKRBT%3DzRi9T%3Dqq*k1YtbIoHau2y*C5RWUxZ(~X%3Dz_zRXyT%3Dqr0***zrIEIZkkkkEIrr*r*kKrE*K0z*ZI*qkErzq0kkZZ*rzqkI*IEzkKEKIr*KZzZzqK000K0rE0kkz000KZk0rIEKEqzZzrzz0zZRi9h%3DrR(4y%3Dr_rrr%2CrR81TZd~X%3Dr_*ERBB%3DcmRWW%3DpARi93%3DVzRWF%3DrR(WU%3DIq_IZRfL%3DqrIER4X~iW%3DVZRHyB%3DzR4X~WW4B%3DVZRWy%3DXiGGOx8RXBB~g7!%3Dcm%2CcmRXOB9BZ%3Dz*KRXOB9Bz%3Dz*KRXn~BT%3DZrZqzzz0rzRTW%3DkRUxZ(~X%3DZ_00RU3~FvW%3Dr_ZZRU9B~BT%3DIz*Ri(x~(dB~X%3DzI_*KRXn~W8%3DrRTWZ%3DzRU~OBH%3DZrZ0kRxOBy%3DRWU81%3Dz_zRU9B~i(x~X%3Dr_EIRUxZ(~9~BT%3DZrZqzzz0r*RU9B~i(x~x%3DrRFy%3DZqRUxZ(~9~X%3Dr_rzRU9B~X%3DzKI_qzRUxZ(~i(x~U9%3DztVzKRi(x~yU9%3DrRUU%3DrRWUxZ(~BT%3DIZzR(GU%3DIq_IZRxZ(~X%3DzrrrR(OTd%3Dr_rrr%2CrRB9T%3DEqKKkkEIIRi(x~(dB~4W%3DrRU3i%3Dr_ZZRTZd~x%3DzrRWUxZ%3Dz_zRqdWG%3Dzrrr_EzRThh~By(1%3DnO(h8HSRTZd~X%3Dr_*ER(dB~X%3DzzK_kKRi(x~B(dB~X%3DzI_*KR(43d%3Dr_rrr%2CrR(43T%3Dr_rrr%2CrR9BQFG%3DrR9B9G%3DrRi(x~(dW~X%3DrRX9T%3Dr_rERi(x~(dB~(U%3DrRWXTd%3Dr_rzZRBT%3DzR9ySdF~9T%3Dz0RBFxxF(~yO1~9T%3Dq*Iqr*0KkZRBiddxS~yO1~9T%3DRTFyFWyFT~yO1~9T%3DRU9F3OX9x9yS%3Dr_ZZRd8B%3DqROW~ySdF%3DzROTXx4%3Dq*Iqr*0KkZROhd%3DzR81X9T%3Dr_rErRXGx(%3Dr_rzrRBi9T%3DfmtAtl53lz.6y9t~WW(22X(duiBRTyW%3D3FBy~8(RThh~F(dh%3DGOxBFRThh%3DnO(h8HSRXTdWOdT%3DrRTOx1%3DiH9B8HZKRB1hy%3Dx8H1~yO9x~n8hFdO1F~WOyWnOxxRB8Xd%3DRv9T%3Dm.YVdiXVzKEKKzIkKqEz00EqRnyhx%3DzRTWiy%3D0ERT81X%3DrVzRFWd~iBFT%3DjzrRFWd~drE%3Dr_rZRFWd~dzr%3Dr_rq0*k*EKk0KIIKIkZKRFWd~dzE%3Dr_rKE0*qEI0qEZK*IzKRFWd~dZr%3Dr_zrrkEIKIqIzKIK0kqRFWd~dZE%3Dr_zIz*IIEKzKKI00KIqRFWd~dqr%3Dr_z*ZIkzKEZ*zKKI0q0RFWd~dqE%3Dr_q0r00zkqzZEqzKqzRFWd~dIr%3Dr_IzzI0KqzIZqrKqIKRFWd~dIE%3Dr_IE*rZKZKIZKqZrqzIRFWd~dEr%3Dr_Ez0IKIrqkkrzIIEKRFWd~dEE%3Dr_Ek0Ekzr0*zqIZ0ERFWd~dKr%3Dr_KEZ0KzE**Ekkzzr*RFWd~dKE%3Dr_0IzIIrq0EIz0KK*qRFWd~d0r%3Dr_*IrKZIZk0qIqkrEqRFWd~d0E%3Dz_rEk0IrrqKK*rEkZIRFWd~dkr%3Dz_ZZIqrZ0*kzrrkzIERFWd~dkE%3Dz_KrqIIqZr*K**KKk0RFWd~d*r%3DZ_qzE0KKrKk**z*IqRFWd~d*E%3Dq_0rrKkkEKzz0zkkRFWd~d**%3D*_Z*rZZZrkzrEzKK0R9XW%3DzRHBo%3DzRy1B%3D0Zkv*rRXBX%3DrRXBd%3DrRyhv%3DZzE&HyU=r&hhh=iY8BcGL.jt4%3D&9HLG(=z&XT(LT=IKr&X9T=qI*rKk&hWG=K0zz*&STBd(=z&XOF=lvFF1I%2FOIO&4Oyd(F=z&WOT8hO9H=yoQVnbWxVbVCAncIZViiGTHEuYnZ9frcKjTqZSILAW25uC2~4S28o1%3D%3D&Sdxd=z&9B9T=E&OTU=LHUFBy8(%20a8WiB&BBhW(~UF(=E&d19T=dzz*rK000*IzyZrZqzzz0ZqZZ&BBxT=%7B%22BB9d%22%3A%22ZKrZ%3AGGWk%3ArrrZ%3Arrrr%3Arrrr%3Arrrr%3Arrrr%3Arrrr%22%2C%22BBWW%22%3A%22pA%22%2C%22BBBW%22%3A%22cw%22%2C%22BBWyS%22%3A%22liGGOx8%22%7D&nyhxB(W=z&sflct=3761804&ure=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 27 Mar 2018 15:22:41 GMT
server: nginx
etag: "5aba61c1-4820"
content-type: image/jpeg
accept-ranges: bytes
content-length: 18464

GET
DATA 200
OK truncated
/ Frame 569A 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dbe91e4a-245d-4ba1-9366-d38d35ecca40.jpg
contextual.media.net/kimg/new/140x110/2/77/196/151/ Frame 569A 14 KB
14 KB 76ms
76ms Image
image/jpeg 23.60.4.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/kimg/new/140x110/2/77/196/151/dbe91e4a-245d-4ba1-9366-d38d35ecca40.jpg?v=9

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.60.4.23 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-60-4-23.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f1572a5abf65d8d1cc8e080cc7011bf90944b5aa14f5e5be277e1dfe4e5c79cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3287&&kkdd=nA%7CW%7Cuhn3*9AH&93=0Zk&U9=z0rrZKqqK*kIrZ**KqE&1Td(=r&hBdO=r&WTU=zzzE&yBWF=bqZr&W9T=kfp0J00zt&WdWT=JWj18vli~etlSz~~V((eW3%3D%3D&W(9T=EqKKkkEII&B9oF=0Zkv*r&WW=pA&BW=cw&WnHh=CmQ6ucw&d9T=kDuQI5!0c&yd9T=7eEIKA*&nyydB=z&(((=yoQVnbWxVb~JuOXW(UUvHf!W9pTdY*jLlawA!SOAB~m%3D&HBF=E&x3=z&i1T=I&OTyz=kfpp*eakC&OTyZ=kq*ZkkKIq&XTOyO=BTZ%3DHixxR9i(x~x%3DzrR81F(dh%3Dr_rERT8h~X%3Dr_EqRBWT%3DHSR(OF%3Dr%2CrRT8h~x%3DZrRUxZ(~BT%3DZrZqzzz0zqR9i(x~X%3Dk*z_zZRi(x~y4W%3DrRi(x~(ZO~X%3DrRByT%3Dq*Iqr*0KkZRhH~XFn~X88By%3Dr_kkR(Oy%3Dr_rrr%2CrR9d%3Dz*eI7DOXdf429zUfLXpEoZRGXX%3DzERXn~9h%3DqER(99diO%3DEk%2CEkR(W%3DzRhy9T%3DDurrrrzZR(9Bi9T%3Dr%2CrR(dB~BT%3DZrZqzzz0zKR(OTU%3Dr_rrr%2CrRi(x~X%3Dz_rkRUxZ(~i(x~X%3DrRi(x~x%3DzrRBxU%3DZq_kER1WOy%3DVzRXX%3Dz*KRF(dh%3Dr_rERUxZ(~i(x~4W%3DrtrRdB9~W%3Dzz%2Cq%2Cr%2Cr%2Cr%2CI%2Cr%2CzRXh%3DzRdB9~T%3Dzkk0R(4F%3Dr%2CrROqd~X%3DZ_00%2CzzK_kKRBT%3DzRi9T%3Dqq*k1YtbIoHau2y*C5RWUxZ(~X%3Dz_zRXyT%3Dqr0***zrIEIZkkkkEIrr*r*kKrE*K0z*ZI*qkErzq0kkZZ*rzqkI*IEzkKEKIr*KZzZzqK000K0rE0kkz000KZk0rIEKEqzZzrzz0zZRi9h%3DrR(4y%3Dr_rrr%2CrR81TZd~X%3Dr_*ERBB%3DcmRWW%3DpARi93%3DVzRWF%3DrR(WU%3DIq_IZRfL%3DqrIER4X~iW%3DVZRHyB%3DzR4X~WW4B%3DVZRWy%3DXiGGOx8RXBB~g7!%3Dcm%2CcmRXOB9BZ%3Dz*KRXOB9Bz%3Dz*KRXn~BT%3DZrZqzzz0rzRTW%3DkRUxZ(~X%3DZ_00RU3~FvW%3Dr_ZZRU9B~BT%3DIz*Ri(x~(dB~X%3DzI_*KRXn~W8%3DrRTWZ%3DzRU~OBH%3DZrZ0kRxOBy%3DRWU81%3Dz_zRU9B~i(x~X%3Dr_EIRUxZ(~9~BT%3DZrZqzzz0r*RU9B~i(x~x%3DrRFy%3DZqRUxZ(~9~X%3Dr_rzRU9B~X%3DzKI_qzRUxZ(~i(x~U9%3DztVzKRi(x~yU9%3DrRUU%3DrRWUxZ(~BT%3DIZzR(GU%3DIq_IZRxZ(~X%3DzrrrR(OTd%3Dr_rrr%2CrRB9T%3DEqKKkkEIIRi(x~(dB~4W%3DrRU3i%3Dr_ZZRTZd~x%3DzrRWUxZ%3Dz_zRqdWG%3Dzrrr_EzRThh~By(1%3DnO(h8HSRTZd~X%3Dr_*ER(dB~X%3DzzK_kKRi(x~B(dB~X%3DzI_*KR(43d%3Dr_rrr%2CrR(43T%3Dr_rrr%2CrR9BQFG%3DrR9B9G%3DrRi(x~(dW~X%3DrRX9T%3Dr_rERi(x~(dB~(U%3DrRWXTd%3Dr_rzZRBT%3DzR9ySdF~9T%3Dz0RBFxxF(~yO1~9T%3Dq*Iqr*0KkZRBiddxS~yO1~9T%3DRTFyFWyFT~yO1~9T%3DRU9F3OX9x9yS%3Dr_ZZRd8B%3DqROW~ySdF%3DzROTXx4%3Dq*Iqr*0KkZROhd%3DzR81X9T%3Dr_rErRXGx(%3Dr_rzrRBi9T%3DfmtAtl53lz.6y9t~WW(22X(duiBRTyW%3D3FBy~8(RThh~F(dh%3DGOxBFRThh%3DnO(h8HSRXTdWOdT%3DrRTOx1%3DiH9B8HZKRB1hy%3Dx8H1~yO9x~n8hFdO1F~WOyWnOxxRB8Xd%3DRv9T%3Dm.YVdiXVzKEKKzIkKqEz00EqRnyhx%3DzRTWiy%3D0ERT81X%3DrVzRFWd~iBFT%3DjzrRFWd~drE%3Dr_rZRFWd~dzr%3Dr_rq0*k*EKk0KIIKIkZKRFWd~dzE%3Dr_rKE0*qEI0qEZK*IzKRFWd~dZr%3Dr_zrrkEIKIqIzKIK0kqRFWd~dZE%3Dr_zIz*IIEKzKKI00KIqRFWd~dqr%3Dr_z*ZIkzKEZ*zKKI0q0RFWd~dqE%3Dr_q0r00zkqzZEqzKqzRFWd~dIr%3Dr_IzzI0KqzIZqrKqIKRFWd~dIE%3Dr_IE*rZKZKIZKqZrqzIRFWd~dEr%3Dr_Ez0IKIrqkkrzIIEKRFWd~dEE%3Dr_Ek0Ekzr0*zqIZ0ERFWd~dKr%3Dr_KEZ0KzE**Ekkzzr*RFWd~dKE%3Dr_0IzIIrq0EIz0KK*qRFWd~d0r%3Dr_*IrKZIZk0qIqkrEqRFWd~d0E%3Dz_rEk0IrrqKK*rEkZIRFWd~dkr%3Dz_ZZIqrZ0*kzrrkzIERFWd~dkE%3Dz_KrqIIqZr*K**KKk0RFWd~d*r%3DZ_qzE0KKrKk**z*IqRFWd~d*E%3Dq_0rrKkkEKzz0zkkRFWd~d**%3D*_Z*rZZZrkzrEzKK0R9XW%3DzRHBo%3DzRy1B%3D0Zkv*rRXBX%3DrRXBd%3DrRyhv%3DZzE&HyU=r&hhh=iY8BcGL.jt4%3D&9HLG(=z&XT(LT=IKr&X9T=qI*rKk&hWG=K0zz*&STBd(=z&XOF=lvFF1I%2FOIO&4Oyd(F=z&WOT8hO9H=yoQVnbWxVbVCAncIZViiGTHEuYnZ9frcKjTqZSILAW25uC2~4S28o1%3D%3D&Sdxd=z&9B9T=E&OTU=LHUFBy8(%20a8WiB&BBhW(~UF(=E&d19T=dzz*rK000*IzyZrZqzzz0ZqZZ&BBxT=%7B%22BB9d%22%3A%22ZKrZ%3AGGWk%3ArrrZ%3Arrrr%3Arrrr%3Arrrr%3Arrrr%3Arrrr%22%2C%22BBWW%22%3A%22pA%22%2C%22BBBW%22%3A%22cw%22%2C%22BBWyS%22%3A%22liGGOx8%22%7D&nyhxB(W=z&sflct=3761804&ure=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 19 Mar 2018 20:29:55 GMT
server: nginx
etag: "5ab01dc3-38ba"
content-type: image/jpeg
accept-ranges: bytes
content-length: 14522

GET
DATA 200
OK truncated
/ Frame 569A 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 569A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OpenSans_Bold.woff
contextual.media.net/__media__/fonts/OpenSans_Bold/ Frame 569A 25 KB
25 KB 48ms
48ms Font
font/woff 23.60.4.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.60.4.23 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-60-4-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3287&&kkdd=nA%7CW%7Cuhn3*9AH&93=0Zk&U9=z0rrZKqqK*kIrZ**KqE&1Td(=r&hBdO=r&WTU=zzzE&yBWF=bqZr&W9T=kfp0J00zt&WdWT=JWj18vli~etlSz~~V((eW3%3D%3D&W(9T=EqKKkkEII&B9oF=0Zkv*r&WW=pA&BW=cw&WnHh=CmQ6ucw&d9T=kDuQI5!0c&yd9T=7eEIKA*&nyydB=z&(((=yoQVnbWxVb~JuOXW(UUvHf!W9pTdY*jLlawA!SOAB~m%3D&HBF=E&x3=z&i1T=I&OTyz=kfpp*eakC&OTyZ=kq*ZkkKIq&XTOyO=BTZ%3DHixxR9i(x~x%3DzrR81F(dh%3Dr_rERT8h~X%3Dr_EqRBWT%3DHSR(OF%3Dr%2CrRT8h~x%3DZrRUxZ(~BT%3DZrZqzzz0zqR9i(x~X%3Dk*z_zZRi(x~y4W%3DrRi(x~(ZO~X%3DrRByT%3Dq*Iqr*0KkZRhH~XFn~X88By%3Dr_kkR(Oy%3Dr_rrr%2CrR9d%3Dz*eI7DOXdf429zUfLXpEoZRGXX%3DzERXn~9h%3DqER(99diO%3DEk%2CEkR(W%3DzRhy9T%3DDurrrrzZR(9Bi9T%3Dr%2CrR(dB~BT%3DZrZqzzz0zKR(OTU%3Dr_rrr%2CrRi(x~X%3Dz_rkRUxZ(~i(x~X%3DrRi(x~x%3DzrRBxU%3DZq_kER1WOy%3DVzRXX%3Dz*KRF(dh%3Dr_rERUxZ(~i(x~4W%3DrtrRdB9~W%3Dzz%2Cq%2Cr%2Cr%2Cr%2CI%2Cr%2CzRXh%3DzRdB9~T%3Dzkk0R(4F%3Dr%2CrROqd~X%3DZ_00%2CzzK_kKRBT%3DzRi9T%3Dqq*k1YtbIoHau2y*C5RWUxZ(~X%3Dz_zRXyT%3Dqr0***zrIEIZkkkkEIrr*r*kKrE*K0z*ZI*qkErzq0kkZZ*rzqkI*IEzkKEKIr*KZzZzqK000K0rE0kkz000KZk0rIEKEqzZzrzz0zZRi9h%3DrR(4y%3Dr_rrr%2CrR81TZd~X%3Dr_*ERBB%3DcmRWW%3DpARi93%3DVzRWF%3DrR(WU%3DIq_IZRfL%3DqrIER4X~iW%3DVZRHyB%3DzR4X~WW4B%3DVZRWy%3DXiGGOx8RXBB~g7!%3Dcm%2CcmRXOB9BZ%3Dz*KRXOB9Bz%3Dz*KRXn~BT%3DZrZqzzz0rzRTW%3DkRUxZ(~X%3DZ_00RU3~FvW%3Dr_ZZRU9B~BT%3DIz*Ri(x~(dB~X%3DzI_*KRXn~W8%3DrRTWZ%3DzRU~OBH%3DZrZ0kRxOBy%3DRWU81%3Dz_zRU9B~i(x~X%3Dr_EIRUxZ(~9~BT%3DZrZqzzz0r*RU9B~i(x~x%3DrRFy%3DZqRUxZ(~9~X%3Dr_rzRU9B~X%3DzKI_qzRUxZ(~i(x~U9%3DztVzKRi(x~yU9%3DrRUU%3DrRWUxZ(~BT%3DIZzR(GU%3DIq_IZRxZ(~X%3DzrrrR(OTd%3Dr_rrr%2CrRB9T%3DEqKKkkEIIRi(x~(dB~4W%3DrRU3i%3Dr_ZZRTZd~x%3DzrRWUxZ%3Dz_zRqdWG%3Dzrrr_EzRThh~By(1%3DnO(h8HSRTZd~X%3Dr_*ER(dB~X%3DzzK_kKRi(x~B(dB~X%3DzI_*KR(43d%3Dr_rrr%2CrR(43T%3Dr_rrr%2CrR9BQFG%3DrR9B9G%3DrRi(x~(dW~X%3DrRX9T%3Dr_rERi(x~(dB~(U%3DrRWXTd%3Dr_rzZRBT%3DzR9ySdF~9T%3Dz0RBFxxF(~yO1~9T%3Dq*Iqr*0KkZRBiddxS~yO1~9T%3DRTFyFWyFT~yO1~9T%3DRU9F3OX9x9yS%3Dr_ZZRd8B%3DqROW~ySdF%3DzROTXx4%3Dq*Iqr*0KkZROhd%3DzR81X9T%3Dr_rErRXGx(%3Dr_rzrRBi9T%3DfmtAtl53lz.6y9t~WW(22X(duiBRTyW%3D3FBy~8(RThh~F(dh%3DGOxBFRThh%3DnO(h8HSRXTdWOdT%3DrRTOx1%3DiH9B8HZKRB1hy%3Dx8H1~yO9x~n8hFdO1F~WOyWnOxxRB8Xd%3DRv9T%3Dm.YVdiXVzKEKKzIkKqEz00EqRnyhx%3DzRTWiy%3D0ERT81X%3DrVzRFWd~iBFT%3DjzrRFWd~drE%3Dr_rZRFWd~dzr%3Dr_rq0*k*EKk0KIIKIkZKRFWd~dzE%3Dr_rKE0*qEI0qEZK*IzKRFWd~dZr%3Dr_zrrkEIKIqIzKIK0kqRFWd~dZE%3Dr_zIz*IIEKzKKI00KIqRFWd~dqr%3Dr_z*ZIkzKEZ*zKKI0q0RFWd~dqE%3Dr_q0r00zkqzZEqzKqzRFWd~dIr%3Dr_IzzI0KqzIZqrKqIKRFWd~dIE%3Dr_IE*rZKZKIZKqZrqzIRFWd~dEr%3Dr_Ez0IKIrqkkrzIIEKRFWd~dEE%3Dr_Ek0Ekzr0*zqIZ0ERFWd~dKr%3Dr_KEZ0KzE**Ekkzzr*RFWd~dKE%3Dr_0IzIIrq0EIz0KK*qRFWd~d0r%3Dr_*IrKZIZk0qIqkrEqRFWd~d0E%3Dz_rEk0IrrqKK*rEkZIRFWd~dkr%3Dz_ZZIqrZ0*kzrrkzIERFWd~dkE%3Dz_KrqIIqZr*K**KKk0RFWd~d*r%3DZ_qzE0KKrKk**z*IqRFWd~d*E%3Dq_0rrKkkEKzz0zkkRFWd~d**%3D*_Z*rZZZrkzrEzKK0R9XW%3DzRHBo%3DzRy1B%3D0Zkv*rRXBX%3DrRXBd%3DrRyhv%3DZzE&HyU=r&hhh=iY8BcGL.jt4%3D&9HLG(=z&XT(LT=IKr&X9T=qI*rKk&hWG=K0zz*&STBd(=z&XOF=lvFF1I%2FOIO&4Oyd(F=z&WOT8hO9H=yoQVnbWxVbVCAncIZViiGTHEuYnZ9frcKjTqZSILAW25uC2~4S28o1%3D%3D&Sdxd=z&9B9T=E&OTU=LHUFBy8(%20a8WiB&BBhW(~UF(=E&d19T=dzz*rK000*IzyZrZqzzz0ZqZZ&BBxT=%7B%22BB9d%22%3A%22ZKrZ%3AGGWk%3ArrrZ%3Arrrr%3Arrrr%3Arrrr%3Arrrr%3Arrrr%22%2C%22BBWW%22%3A%22pA%22%2C%22BBBW%22%3A%22cw%22%2C%22BBWyS%22%3A%22liGGOx8%22%7D&nyhxB(W=z&sflct=3761804&ure=1
Origin: https://contextual.media.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25720
expires: Sat, 18 Nov 2023 23:22:50 GMT

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 569A 15 B
348 B 68ms
67ms Script
text/javascript 23.208.68.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5834&&vgd_canary=0&vgd_l2type=scs_newfl&fp=LMpLSk3OoHPD_sWsPHmVWgcPumnYA45WpT-5iynzUIeGZl7v7YnGwo2J69QTYqQh-sih6HB2drrWus_DA6eDZkFosyOrWrtnirPI6AN-vZadKQHDe7VFVV0ezo5woVWDrkGQEdldR0Tc_zwY2Z0_vA%3D%3D&cme=LewbA4vFiy-5PHfr1WzZJDYqb4Hn_o455_q8DGcuoCd-wwzjO6FEWDbkl2ymklIX1PhyOZL0DBlYklGgBHq4UDhs0cSRHsHQeYfcbTlcqNmdTYJ4Gjo58QRaPH7sQEW1qLyqYMQl7D_ZQessm6SU0w2J7F7L5wMQ3cHKi2rm_Sf2rjh45l24hOjx2PUoVumkipYMg6mzcwUk8BYas2ZdUK7ZdORcDrPAbMlqIYa9ObI%3D%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CUFJJWZ1lEVdklaUp4Q9x5TG45h_4b8t5%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD5W8bGW-lw53HSrcpC2ZLiUNMBXVWSVRL6jiMTbZT7E1g%3D%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CB2u6mirD9-38_SdnQVoGoi9o9RfOPQSqnyGwikRxfoCtEgUP4FdwLYu__NgR99tHYNML_r_or9mC1S9EBrHQ-jpFW2WQDS9FJkKpfzkDVbvXxBuSNBvs5dushJcZkAbmTnDqRVzGUw0sv_hFRkmA4_YiiXhf0lCi7w7Ol821y7DNVPXN5RTKU0tY-_mEtNQRteRxoCq8xLNE65f7EqIeyRNagfhqEBxWbdI4z9mRLNlBxwUgNpVWN8TGma3QAOIrTbF6rTi65GJ3mDZYS3tb-g%3D%3D%7C&subBdr=196&bdrid=460&ksu=224&fdkt=475&vgde_kbbh=fuoyxQBuG&kwd[]=How+to+Pass+a+Hard+Stool+Fast&kwt[]=475&kbc[]=c82a852e2e9c5de9b034d604e2367703.d2s&kwp[]=1&kid[]=351242101&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0006%7C8%3D111708%7C13%3D0.0771%7C14%3D111719%7Cokt%3D475%7Cbkt%3D475%7Cir%3D1%7Ciid%3D8168029%7Cps%3D1.088%7C53%3D1.06%7C60%3D0.73%7C80%3D1.10%7C12%3D1.59%7C1%3D1.54%7C2%3D2.39&ktd[]=4503875327758592&kwd[]=Free+Dental+Implants+Near+Me&kwt[]=475&kbc[]=c82a852e2e9c5de9b034d604e2367703.d2s&kwp[]=2&kid[]=351003743&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D111708%7C13%3D0.0715%7C14%3D111719%7Cokt%3D475%7Cbkt%3D475%7Cir%3D1%7Ciid%3D4722146%7Cps%3D1.088%7C53%3D3.09%7C60%3D1.09%7C80%3D8.86%7C12%3D2.05%7C1%3D2.09%7C2%3D5.42&ktd[]=4503875327766784&v=1&geo=34.9%7C-82.27&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=US&wsip=170762786&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Rxkk1jm%22%2C%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CU7Q771E&vi=1700263369840299635&vsid=3432649706573130&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L320-S320&vgd_imdtl=1&vgd_l3_sc=NY&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3001ca2a&vgd_nrrsf=scrr&vgd_cty=greer&vgd_ifrmode=14&sttm=1700263370116&upk=1700263370.12977&hvsid=00001700263370116016112657312721&verid=3111299&sbdrId=196&tsrc=entity&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1700263369148223504&vgd_ecrid=1700080807684000728009000059500&vgd_isiolc=1&kbbq=%26asn%3D20278&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=67119&vgd_vstrid=3432649706573130&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.9X~OmYMGv9.XA~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAuuuhuA~8xLjMGvWiu.uf~xLjM7UNv9~xLjMLf1MGv9~Q7OvAiHA9ihFWf~YzMGJwMGmmQ7v9.WW~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuX~GwM8YvAX~L88Ex1vXW%2CXW~LNvu~Y78Ov0a9999uf~L8Qx8Ov9%2C9~LEQMQOvf9fAuuuhuF~L1Oev9.999%2C9~xLjMGvu.9W~ejfLMxLjMGv9~xLjMjvu9~QjevfA.WX~yN17vou~GGvuiF~JLEYv9.9X~ejfLMxLjMUNv949~EQ8MNvuu%2CA%2C9%2C9%2C9%2CH%2C9%2Cu~GYvu~EQ8MOvuWWh~LUJv9%2C9~1AEMGvf.hh%2CuuF.WF~QOvu~x8OvAAiWyt4THlzsad7iq%2F~NejfLMGvu.u~G7OvA9hiiiu9HXHfWWWWXH99i9iWF9XiFhuifHiAWX9uAhWWffi9uAWHiHXuWFXFH9iFfufuAFhhhFh9XhWWuhhhFfWh9HXFXAufu9uuhuf~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iX~QQvIK~NNvPb~x8Bvou~NJv9~LNevHA.Hf~%3DVvA9HX~UGMxNvof~z7Qvu~UGMNNUQvof~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~GwMQOvf9fAuuuh9u~ONvW~ejfLMGvf.hh~eBMJ-Nv9.ff~e8QMQOvHui~xLjMLEQMGvuH.iF~GwMNmv9~ONfvu~eM1Qzvf9fhW~j1Q7v~Nemyvu.u~e8QMxLjMGv9.XH~ejfLM8MQOvf9fAuuuh9i~e8QMxLjMjv9~J7vfA~ejfLM8MGv9.9u~e8QMGvuFH.Au~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvHfu~LkevHA.Hf~jfLMGvu999~L1OEv9.999%2C9~Q8OvXAFFWWXHH~xLjMLEQMUNv9~eBxv9.ff~OfEMjvu9~Nejfvu.u~AENkvu999.Xu~OYYMQ7Lyvw1LYmz5~OfEMGv9.iX~LEQMGvuuF.WF~xLjMQLEQMGvuH.iF~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9X~xLjMLEQMLev9~NGOEv9.9uf~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvAiHA9ihFWf~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.ff~EmQvA~1NM75EJvu~1OGjUvAiHA9ihFWf~1YEvu~myG8Ov9.9X9~GkjLv9.9u9~Qx8Ov%3DK4b4R%2FBRurc784MNNLddGLEaxQ~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGouFXFFuHWFAXuhhXA~w7Yjvu~ONx7vhX~OmyGv9ou~JNEMxQJOv%20u9~JNEME9Xv9.9f~JNEMEu9v9.9AhiWiXFWhFHHFHWfF~JNEMEuXv9.9FXhiAXHhAXfFiHuF~JNEMEf9v9.u99WXHFHAHuFHFhWA~JNEMEfXv9.uHuiHHXFuFFHhhFHA~JNEMEA9v9.uifHWuFXfiuFFHhAh~JNEMEAXv9.Ah9hhuWAufXAuFAu~JNEMEH9v9.HuuHhFAuHfA9FAHF~JNEMEHXv9.HXi9fFfFHfFAf9AuH~JNEMEX9v9.XuhHFH9AWW9uHHXF~JNEMEXXv9.XWhXWu9hiuAHfhX~JNEMEF9v9.FXfhFuXiiXWWuu9i~JNEMEFXv9.hHuHH9AhXHuhFFiA~JNEMEh9v9.iH9FfHfWhAHAW9XA~JNEMEhXvu.9XWhH99AFFi9XWfH~JNEMEW9vu.ffHA9fhiWu99WuHX~JNEMEWXvu.F9AHHAf9iFiiFFWh~JNEMEi9vf.AuXhFF9FWiiuiHA~JNEMEiXvA.h99FWWXFuuhuWW~JNEMEiivi.fi9fff9Wu9XuFFh~8GNvu~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfuX&vgd_bhv_kbb=-1&vgd_cfud=230323&vgd_scsver=248&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=514&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1115&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=200&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_sc=NY&vgd_l1rhst=contextual.media.net&hvsid=00001700263370116016112657312721&rc=0&rand=1700263370441&acid=1543d280f7c2955181233a9399900575&matm=1700263370441&vgd_ltimesrc=1&vgd_ltime=634&vgd_rtime=632&vgd_etm=9&vgd_l1hcsd=S5h9m%7C7690&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6570&vgd_pgid=p11906777941t202311172322&vgd_csip=rtb-ebda-7798f4bf6-f8qvf.OR&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML%7Cundefined&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.208.68.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-68-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Fri, 17 Nov 2023 23:22:50 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 15
Expires: Fri, 17 Nov 2023 23:22:50 GMT

GET
H3 200 wp-emoji-release.min.js Show response
daophatmuonmau.com/wp-includes/js/ 18 KB
5 KB 418ms
417ms Script
application/javascript 2606:4700:3033::ac43:bc47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daophatmuonmau.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: daophatmuonmau.com
URL: https://daophatmuonmau.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 Oct 2023 08:03:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-608fe96ba5e4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ho6pgQgBv9NrMqJS%2BQjV05B0wFG%2B3HcwqZQ0tyVnc7Q9GRHdBcCO8bV8RASESsW3h0q8EgLsZ7g8yM9WvehQMutAdmYFd4NcdSwikILdgsgS3SFAV80NygFDyZnyNd%2Bsz%2B8tY712eEighBieAV72PU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 827bb7d259634bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1914 42 B
174 B 61ms
61ms Fetch
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsua4Eo2zzNMDj4JrYvDgtM2s465eoC9i8DUjQHX_SjpDHc112MeAhJnsYWyDi4HQ3lkYASy1i8I9Vp3Nm0JWgzHpzgrdYtKKUrtW1yGjNn7c5Bm2cKFS4-j6uZE1Qp0UxmBPUGpQgrmcQ&sai=AMfl-YSysNn3dgyypjPUHfrxH5eHfOimGY4w54ZWe47_i5hOqJk7-OLzinKgAjbUvpLD73ckes3NMJZGF1VIN5w2LVMcJ1PDw63x9N9mTMjAenNtH7BUPY_n5bu1OvSON3WU7UYSOAEawXQTqg_h78eVdQ&sig=Cg0ArKJSzJHPPPWltl5wEAE&cid=CAQSTwDICaaNx8MfUDt0dospAa_rFiXlmbEvtYF2c76bBz9CAjeDPTJDzBJ2rtqVK2kiPUlBeWYx0KtNhnKEVvDMy0y1Ja21MG46cQ5-sL1lWgMYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2767623100&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700263368821&rpt=821&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 59FD 42 B
64 B 60ms
60ms Fetch
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCTcYcXb6y88O4-YGAXSzysOUmyjVOYNdyXNWSFaB3rIN_lH0HLL0h5YFKJBp19XDMxsdZeNkt184R_3TDsEbtJVdBNPLXzjxDBm_oPuYuhOw-VG-WiuR4C4Q4WsqpfYmsU9qS_hy36A&sai=AMfl-YSdcsgGc1P_QVVxgC6Xc0_QNZatC0IhFMolHyby2ZUBw4URX7juWDvh6Gc-neHR1bYvDE7NMaSy0VOnxr3DF3I9gRM9hSe2s7Zhp7Ir2_0jSfulNudhWYtseIMi764hIlXpb1vtBUDIFhpj6-3raA&sig=Cg0ArKJSzGgUaUe8MHwUEAE&cid=CAQSTwDICaaNuHuuYEZoLWD--lOgV5JAz06n-4Fer7vBHv0Nguif4AHXs30wr7LYelpky6yYHfGg0enDjYnMMoXPN97vP36hHSwo0BSA9EV6RwAYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=98,628,1000,1141,1141&tos=98,530,372,141,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700263369427&rpt=266&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 23:22:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 62ms
62ms XHR
application/json 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ffd5d909c2d69ee42bf9e9d14da7e053371cf571b79c434b5ee0c61a74a7d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12377
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
36ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 23:22:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0721 13 KB
5 KB 35ms
33ms Document
text/html 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daophatmuonmau.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 34541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 13:47:10 GMT
expires: Sat, 16 Nov 2024 13:47:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C8DD 829 B
1 KB 50ms
49ms Document
text/html 2607:f8b0:4004:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5c7d74267c509c19046bed76f17cf1b750457bc3ad9f42055df4cc78ecf9affc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rYef5Zeixa0cPyBbU-LZ6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://daophatmuonmau.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rYef5Zeixa0cPyBbU-LZ6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 23:22:51 GMT
expires: Fri, 17 Nov 2023 23:22:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 0721 39 KB
15 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 22:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 22:20:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C8DD 0
0 59ms
58ms Image
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1561733453930361&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0721 0
10 B 33ms
32ms Image
text/plain 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oG42fQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:22:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1561733453930361&bg=!tLelt_jNAAZxrfrxUa07ADQBe5WfOP36peo5GMglQS6t3CQnKgs32GQeQnxAVS6fhy_ZtXT9tD9FcnY70WzxlCcaTKBxAgAAAGFSAAAAAmgBBwoAP-lFGfBsAi4lCQ0oeopakVbZ_ZEKew7BI6kjYRJ17XM7xN6MSnsqlq2u5URn7O_raORHusfEqVqsak5jk43npZkCtAjebA2qkeb03V3WWNG4bCgwiWexmqdhfP_SGkcq7Ezzn6Lhvcttgjde5Km4dA8_Z8t2mVgY3HKkRF2QTc_vkzP1F60boDTz9K7DvTTpSdOk8QlSBwSX-PLlzKMmsh4Nsi8S4fMGF-nJAT4jk4VvNnWq1pG-t-Nm2eBDUq_8un4tBQYW0WFMWU-rXyZXaotY6joruOknuV3Xaq86VxANi79sKBt7dXl6ltJZYtBHjohQajLizI2Gkk6OmNZ8_cGnuHgpDhSx7y5hHdqFXByHJt_y3uTC14HAMhc4wXx2aSm5y7GOgwpOP9B6Ei4IyO3XuRjzaoa7FX_HxpAT-TFLMQ3PDGE_AVWQ1f1I0hguMhihxTPz0XqxHDCLd1zwIXE60zai9zRDw28vGVgqhp7pD84NRTpr8SV-9r4NMfD14fBuHgzd9WUgyizOxVcXqAlrrLz18rQ9cbWOgBJAM2H2N8EUxYL8BU-D1dBFhVq6DbOvqmdCIqaEhAZ7CG3tBdKIiFPEOuBH_u1oA4hT3-lpMx77zRAiC6zYiT6NwMxvkrMrQM6QDjQmADg-uXkoJBsqUh0IYrOOoSdu4D6-Y-WrLO121M62o5JeEFcspJGFoq6w5n7B1q5bk1BUMEgn3ptjiUH6yNit_MlirrPRH8xIpDLAR73dMKcXDBHi0AbP5tLHBya8fCD2xDFiJDibbMlvx-Aqzg2Tel0TmB9amVve4N0S7Ap0VwBUP4SXpkKPGq_G13xKhLN-SUnTRwrTwhLvz0diGGM_5bqop6oq03Cj982pb-Vz8G6w0AowS4wE9hW4ri-fX_3PvNrRroIcQGElqsiGluVE4t0OTPaUUaWVBCuVokbbdV7dgCSZbFvbbtZvBgD3OxdMoIxWLbpu3iDQSjfLNSlx4gpY1cMLgNPN4pjvPpf5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daophatmuonmau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.daophatmuonmau.com/	1970-01-21 01:53:43	Name: _ga_EPHRFXM94B Value: GS1.1.1700263368.1.0.1700263368.0.0.0
.daophatmuonmau.com/	1970-01-21 01:53:43	Name: _ga Value: GA1.1.973047983.1700263369
.daophatmuonmau.com/	1970-01-21 01:39:19	Name: __gads Value: ID=f51ea5295eb08400:T=1700263368:RT=1700263368:S=ALNI_Mb5n6A5zV_7JbhPImP2HS_uvJPv5w
.daophatmuonmau.com/	1970-01-21 01:39:19	Name: __gpi Value: UID=00000da271dd06fc:T=1700263368:RT=1700263368:S=ALNI_MYuD51nMhLpZ-Q8XqzAnFVSYG58Zw
.doubleclick.net/	1970-01-21 01:53:43	Name: IDE Value: AHWqTUlgQoWR12fW4wU8a4Bi15Kuzz1FYF83HmXM9ysI5IlLHuYOODfIScd3KCRizZI
.googleadservices.com/	1970-01-20 18:27:19	Name: ar_debug Value: 1
.mxptint.net/	1970-01-21 01:53:43	Name: mxpim Value: R33646_10C4FDF3F_91D7167B.1.6557F5CA
.yahoo.com/	1970-01-21 01:03:40	Name: A3 Value: d=AQABBMr1V2UCEGP8Gw8jxVkF1Y72Oea5eB4FEgEBAQFHWWVhZQAAAAAA_eMAAA&S=AQAAAtDlwHuNlwqLkgJm_DYo_fw
.inmobi.com/	1970-01-20 18:27:19	Name: idsp_c Value: 9627ba50-aadf-4d43-bc99-35967918eacd
.adsrvr.org/	1970-01-21 01:04:45	Name: TDID Value: 4d1310c6-e858-4322-b131-35d96f705b29
.w55c.net/	1970-01-21 01:47:57	Name: wfivefivec Value: IjqU1u2O1R48aK5
.media.net/	1970-01-21 01:03:19	Name: visitor-id Value: 3432649706573130000V10
.adsrvr.org/	1970-01-21 01:04:45	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIiPHy4sTzszwQBRgFIAEoAjILCJyWtY_b87M8EAU4AQ..
.w55c.net/	1970-01-20 17:00:55	Name: matchgoogle Value: 5
.media.net/	1970-01-20 16:37:52	Name: data-g Value: CAESEADZnKkB-cU3JxJvz1Xtl3g~~6
.dotomi.com/	1970-01-20 16:17:43	Name: DotomiTest Value: 25efafa2eff21065

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aep.mxptint.net
cm.g.doubleclick.net
contextual.media.net
cs.media.net
daophatmuonmau.com
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hblg.media.net
lg3.media.net
match.adsrvr.org
mweb.ck.inmobi.com
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
tpc.googlesyndication.com
warp.media.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
172.253.122.156
172.253.63.155
20.253.86.149
204.2.226.29
23.12.144.32
23.205.76.21
23.208.68.24
23.216.84.23
23.40.207.176
23.60.4.23
2600:1f18:4e9:5a01:63f1:bb10:b854:7d73
2606:4700:3033::ac43:bc47
2606:ae80:1451:22::730
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::66
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1b::9c
2607:f8b0:4004:c1d::69
2607:f8b0:4004:c1d::9d
35.71.131.137
51.222.239.230
52.23.71.199
0344292712f6b8fc62c0e2691c9615d0b4d19a0e50edaaf06dedf1342094bd37
05473cd9047dbfcdfdfd8b0aaa07b505e4476a91a9b1034d948341e8c7b7ad97
05b35ae155e3b15db3efb65015c229145682a08b720efe90717eba02da7aaec7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c2c6cb06123234949291861bcb257aa7ee3b866cb27e5adf78d9a8b1f756c04
0e1f2900290198d610ab60bb5fcd319558ed313b3286cabaf4f5e59774186d7e
0ffd5d909c2d69ee42bf9e9d14da7e053371cf571b79c434b5ee0c61a74a7d48
177735f0a3a2faf76a534c7b2b95e086902c69ce495f7e2f15397113e252e04e
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18fb71adaefb44273bc8ebddb711dd6976d50d87e0badc122d72abf1d1f9091d
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
1dbd18c0aa6071222d773de0ac1cde277406e857cf0b9c88cbf2035480857bba
2014598b9f989b3849e058a174c09a65ab64ed7f0728849f199f23d01b5a2e0a
2209dff43eaab12c724d6869ca8e1e881b0b132513ef7eb79f2abece0e779f78
2534182281a03a5f8ae407f1fc29e9d2656987e2b074bb8620bf18d13d596764
256d031019630fa3064bb265206e4570dcc20f3da73a403dc67a0272773a628d
25cf43e09032ef3a5d2c9366e78057eb2040c2973085c1210b5febe97be414c3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b07239d9d335007f512bd5bc3fa08e0879aa2bd97d1150d907d5a8d3ddc11c2
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328476b6cb45e554de91b222635df1808926441a776d9b7b673b86216e83a6b2
3ac52ac629318cf1fcd7bd6b5b282265b75f7ef499f47047101298af2aa88c78
3b0b0e7f2225b3a7fb2756b81f185380291fd490343c185f28a2385c442a030d
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
445846125e86c2d4658523ab342752d28860049e4eaaa4650cc13285d200ec7b
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b42ef679fab174e5eee7f79474869baba73e31f360df006b613a28319ee655f
5c7d74267c509c19046bed76f17cf1b750457bc3ad9f42055df4cc78ecf9affc
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6b7c259ec1b5ca9857506463658bf31e0aea0634ea4130827414cda31a9e1c87
6c819daf951c9d1eb9875b150ee803a44f8814c664e803986ff5e1232ff6258b
70d923c995b04887561c723f5072c2d435f622932c53ed4ce6f2adafebaa2257
71d668b3055924ccf56da1ec44d21c0c8e9e10ef491d568b79f996582281f070
72983cc6c282a53979ec9e0899e885e7a5c66679f93828e215a319047711f074
740c6e1253458c12dd642c12ff2de108d2296c44ed2d4a22a5e6d8677a7cedd8
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b2fed86bcc2715e8ad7ab84337eb06fe406c1f3ccc728db3e7394abc6537062
88367d9fb95a35706823afc902001e8197d3aa194acaef2d98ccd1a3abc2148f
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d124b000a906b496d1c98304c8a274efa14f7e7247c014c9f53d41ac9bf289e
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a6c8b3d29c5c3a97611a1e1114e6e5b0ee9fd3147fc7f8e465875a0bf6c99cab
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
c1aedf761fcb81b9fcbc3c8bd952a4be9b7eeca76c59fa2cdc56b2d766e8c97a
c6594b59b6aa8c9e1a978b29eb716006ebee8b3d310764a6877c23379e82339a
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
cecdffaa7582aeae49b5564216aa4f7640283eacb1f4eb7553c735c2efe12b66
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d5d2a5d4674da1b1b6e2c05c39f51e72f5905b95d1fd4c89c8e07dc65ec4d5cb
d5eb47ba7eb80ba4d2d717aeaf7d1544c9a6b8491c9af49dd56f06bf73f8bf67
d6f9021674105cb1f41ef82b2f283bdbc4017d8b0e915f2bc0c0e7d723caec7c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9fb308260690dfe2e4a5cb100dbe82e4b738d5c8433640bdb9e96a7c7130724
de1de71a09d8cddfd630da61363509e7b9d3414e8513cb3d03f21fc791190756
de8132b592bd5789cea54eab181581b57e7e99fb1aa630dc0fc4906cfc9cf89b
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e15e0d22eede797065b49153cd574c75f772e4eb1ece8ccec7889300fc44d621
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5730b97f142dd3adc531654cf41e7a7bc2f896ab77eb55deb53ac79eb3d7f5e
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
eb8b07d4e6254f86f86fe22f68d150e213b3b0e8d3afb51739e9ebdb82c4f09c
eb953b7bb17b8c55450856811b9fb8b3373ee909927ca7b7444874da9ddad078
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c7b8d85cf716a020ea19fac22314de48452bc98568517fabdb0ca99ce66930
f1572a5abf65d8d1cc8e080cc7011bf90944b5aa14f5e5be277e1dfe4e5c79cb
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fc4f474c7599651e4097f36c69c293d2685e2abecce007b1cd2a8405a2107c86

daophatmuonmau.com Open in urlscan Pro 2606:4700:3033::ac43:bc47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

114 Requests

90 %HTTPS

50 %IPv6

19 Domains

27 Subdomains

20 IPs

2 Countries

2134 kBTransfer

4465 kBSize

16 Cookies

10 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

daophatmuonmau.com Open in urlscan Pro
2606:4700:3033::ac43:bc47 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

90 %
HTTPS

50 %
IPv6

19
Domains

27
Subdomains

20
IPs

2
Countries

2134 kB
Transfer

4465 kB
Size

16
Cookies

114 HTTP transactions
8 data transactions