xn--360giy-0ta.vn Open in urlscan Pro Puny
360giây.vn IDN
103.3.247.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xn--360giy-0ta.vn/
Effective URL:
https://xn--360giy-0ta.vn/
Submission: On March 05 via api (March 5th 2023, 9:06:36 pm UTC) from US — Scanned from DE

Summary HTTP 171 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 8 countries across 24 domains to perform 171 HTTP transactions. The main IP is 103.3.247.5, located in Viet Nam and belongs to BKNS-AS-VN Bach Kim Network solutions Join stock company, VN. The main domain is xn--360giy-0ta.vn.
TLS certificate: Issued by R3 on February 10th 2023. Valid for: 3 months.

This is the only time xn--360giy-0ta.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	103.3.247.5 103.3.247.5	135967 (BKNS-AS-V...) (BKNS-AS-VN Bach Kim Network solutions Join stock company)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	45.124.86.86 45.124.86.86	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
10	45.124.87.117 45.124.87.117	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
15	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
10 10	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2 2	35.157.53.153 35.157.53.153	16509 (AMAZON-02) (AMAZON-02)
1 11	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	23.35.209.176 23.35.209.176	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:e064:ebd3:78e:3d3	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
171	20

32 103.3.247.5 (Viet Nam) 1 redirects

ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN)
PTR: static.bkdata.vn

xn--360giy-0ta.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.124.86.86 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: sv-86086.bkns.vn

belife.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 45.124.87.117 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: sv-87117.bkns.vn

cdnimage.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 10 redirects

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

doc-08-44-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-14-44-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0o-44-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0s-44-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0c-44-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-04-44-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0k-44-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-10-44-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.53.153 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-53-153.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.39.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.209.176 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-209-176.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.248 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:e064:ebd3:78e:3d3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	613 KB
32	xn--360giy-0ta.vn 1 redirects xn--360giy-0ta.vn	299 KB
25	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	200 KB
16	google.com 10 redirects drive.google.com — Cisco Umbrella Rank: 320 adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	6 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	266 KB
10	googleusercontent.com doc-08-44-docs.googleusercontent.com — Cisco Umbrella Rank: 349192 doc-14-44-docs.googleusercontent.com — Cisco Umbrella Rank: 448551 doc-0o-44-docs.googleusercontent.com — Cisco Umbrella Rank: 448545 doc-0s-44-docs.googleusercontent.com — Cisco Umbrella Rank: 449600 doc-0c-44-docs.googleusercontent.com — Cisco Umbrella Rank: 424447 doc-04-44-docs.googleusercontent.com — Cisco Umbrella Rank: 446424 doc-0k-44-docs.googleusercontent.com — Cisco Umbrella Rank: 398782 doc-10-44-docs.googleusercontent.com — Cisco Umbrella Rank: 466217	492 KB
10	cdnimage.xyz cdnimage.xyz	49 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	291 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	4 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8947	818 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 755 r.turn.com — Cisco Umbrella Rank: 3104	869 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1367	485 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1839	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	529 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 741 s.tribalfusion.com — Cisco Umbrella Rank: 1813	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 726	2 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313	460 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439	712 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 591	542 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	864 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	608 B
1	belife.vn belife.vn — Cisco Umbrella Rank: 274960	2 KB
171	24

	Domain	Requested by
35	tpc.googlesyndication.com	googleads.g.doubleclick.net xn--360giy-0ta.vn pagead2.googlesyndication.com tpc.googlesyndication.com
32	xn--360giy-0ta.vn	1 redirects xn--360giy-0ta.vn
19	pagead2.googlesyndication.com	xn--360giy-0ta.vn pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net xn--360giy-0ta.vn
11	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
10	drive.google.com	10 redirects
10	cdnimage.xyz	xn--360giy-0ta.vn cdnimage.xyz
9	fonts.gstatic.com	fonts.googleapis.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	xn--360giy-0ta.vn googleads.g.doubleclick.net
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	ssum-sec.casalemedia.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	doc-0s-44-docs.googleusercontent.com	xn--360giy-0ta.vn
2	doc-08-44-docs.googleusercontent.com	xn--360giy-0ta.vn
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	doc-10-44-docs.googleusercontent.com	xn--360giy-0ta.vn
1	doc-0k-44-docs.googleusercontent.com	xn--360giy-0ta.vn
1	doc-04-44-docs.googleusercontent.com	xn--360giy-0ta.vn
1	doc-0c-44-docs.googleusercontent.com	xn--360giy-0ta.vn
1	doc-0o-44-docs.googleusercontent.com	xn--360giy-0ta.vn
1	doc-14-44-docs.googleusercontent.com	xn--360giy-0ta.vn
1	belife.vn	xn--360giy-0ta.vn
171	38

This site contains no links.

Subject Issuer	Validity	Valid
xn--360giy-0ta.vn R3	`2023-02-10` - `2023-05-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.belife.vn RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-13` - `2023-05-12`	a year	crt.sh
www.cdnimage.xyz Sectigo RSA Domain Validation Secure Server CA	`2022-04-15` - `2023-04-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://xn--360giy-0ta.vn/
Frame ID: 402BFCFF5E50C9DEE95F8460C55C7EA6
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: 415B06AD8C49EFC924288B48093CA32E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&adk=1812271804&adf=3025194257&lmt=1678050388&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050388015&bpp=8&bdt=1304&idt=402&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6397914884505&frm=20&pv=2&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=426
Frame ID: D39E41BA2D303A236B06BC83CF8001D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1678050388&rafmt=1&to=qs&pwprc=7533776038&format=1200x280&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050388023&bpp=2&bdt=1312&idt=440&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BDKHxj9LiY&p=https%3A//xn--360giy-0ta.vn&dtd=442
Frame ID: E4AAE7E6850E48C2B9DCA2933E7270D3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=280&adk=2803989777&adf=3134901594&pi=t.aa~a.2312533300~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x280&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=622&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0v1bibT2xS&p=https%3A//xn--360giy-0ta.vn&dtd=7
Frame ID: 6DFA54472AE2A65CEA7D7EC5F53048D9
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=250&adk=352238038&adf=3466985332&pi=t.aa~a.1406455189~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x250&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=1&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280%2C357x280&nras=4&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1008&ady=1704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LXrnNtSRw9&p=https%3A//xn--360giy-0ta.vn&dtd=28
Frame ID: 4C4AC8AB47AE38AD03D44525DA486803
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 8B36FCFBFD152DEE0BBB9BB31E2F89B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: A05AEE5197A919DF03313A892134CA31
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: CF84EA4D67EC90EE44CDE5C122024A7C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: AF42F849F9FB1AA98293DA4AB7B64433
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 5FBF5470A718C530B1E7CBDE0FBED9FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: A2042DCCB1B85024633B78B39459A801
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 5FD4669E4E585446F61020B2E40DEDCC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 95BD175A20E3DCD1E90645BF14B401DF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 37363385F6D1BA12E6CFC52A3F3E5D2C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 47BE75E0B0E5B5013D8979400C71E17F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: B4EB7D3F2F2DBD0FA4F0590DA42A7A73
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 536A860EAC8A511047A2872C1BBF3B11
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7F9047BF59EC23AEAC46E1B7A26479B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - 360 Giây

Page URL History Show full URLs

http://xn--360giy-0ta.vn/ HTTP 302
https://xn--360giy-0ta.vn/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

171
Requests

88 %
HTTPS

50 %
IPv6

24
Domains

38
Subdomains

20
IPs

8
Countries

2220 kB
Transfer

4820 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xn--360giy-0ta.vn/ HTTP 302
https://xn--360giy-0ta.vn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://drive.google.com/uc?id=1oEyDKTUJIyfOMVeD8pJidDecWBqZQ8RV HTTP 303
https://doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ec0v3hjobeg9p5utc9jg8m86pbc31cfl/1678050375000/05705402827546228379/*/1oEyDKTUJIyfOMVeD8pJidDecWBqZQ8RV?uuid=835d1027-dbe9-4a1e-ada0-80e9885a105f

Request Chain 31

https://drive.google.com/uc?id=1XF81kMWXf6O3dBBsvlxB7Ok1vFrNIBYI HTTP 303
https://doc-14-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/gdjehifdpgpqf3sbkul6uhet203kfjla/1678050375000/05705402827546228379/*/1XF81kMWXf6O3dBBsvlxB7Ok1vFrNIBYI?uuid=1693553f-29ba-453a-bd57-aa7952686fc4

Request Chain 32

https://drive.google.com/uc?id=1VVg-jWzT_szI-ps4a5AgRuOV0NotnwuE HTTP 303
https://doc-0o-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7ooau23vevruf48n41bl97iofd0phed0/1678050375000/05705402827546228379/*/1VVg-jWzT_szI-ps4a5AgRuOV0NotnwuE?uuid=657a6907-b22f-47c0-8cf0-087caed1b4f6

Request Chain 33

https://drive.google.com/uc?id=1OYi9C87_iyYx4hG5WGHlA8pIb4E93HMa HTTP 303
https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/62kjl5f9qdq69u162nqbbdsljk3p17jm/1678050375000/05705402827546228379/*/1OYi9C87_iyYx4hG5WGHlA8pIb4E93HMa?uuid=028fb357-9286-4400-ba3d-f7e53f462f49

Request Chain 34

https://drive.google.com/uc?id=1ycGvCT6z4msbjx1U3LFW7AVnXmM2P8fK HTTP 303
https://doc-0c-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/btqemmd2oj7doj9eqj1ufaf1bfi3vep4/1678050375000/05705402827546228379/*/1ycGvCT6z4msbjx1U3LFW7AVnXmM2P8fK?uuid=9eb86747-5b44-4bd3-8fbf-0313eebc0a88

Request Chain 35

https://drive.google.com/uc?id=1sJZcix3qOnZR21aQaeGe7zpb5rMMHV1R HTTP 303
https://doc-04-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/kgtrjn3jfpap0kpue9s2s3ssif260lja/1678050375000/05705402827546228379/*/1sJZcix3qOnZR21aQaeGe7zpb5rMMHV1R?uuid=ebcd6409-3ff9-4ac8-a4d0-7aee8fbeabb3

Request Chain 36

https://drive.google.com/uc?id=1S8oGoOcezCJgAYIfkdO5ToE4oiVekOOj HTTP 303
https://doc-0k-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ih9e6caqumh81k2kca35t2597p27fdc1/1678050375000/05705402827546228379/*/1S8oGoOcezCJgAYIfkdO5ToE4oiVekOOj?uuid=1313215d-5088-4640-afb0-f6c1bf484793

Request Chain 37

https://drive.google.com/uc?id=1wkWzGPDYP3lqZSFuom3RTUe3QXd95GgZ HTTP 303
https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/s7jv5udv1nqoao04m1s11aggrtq0aoqn/1678050375000/05705402827546228379/*/1wkWzGPDYP3lqZSFuom3RTUe3QXd95GgZ?uuid=6c784633-08a9-4e49-944c-c96cc71c0691

Request Chain 38

https://drive.google.com/uc?id=1rpEPLhiwzVk9HXmIW-BRQCW-wah_KF6Q HTTP 303
https://doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/t5l41rt8tl8e4jk88o341ktthj7bd4ob/1678050375000/05705402827546228379/*/1rpEPLhiwzVk9HXmIW-BRQCW-wah_KF6Q?uuid=712edc43-ec18-45f0-ab00-4c1e1345dac8

Request Chain 39

https://drive.google.com/uc?id=1yLJ5pRtyQ66jh27vLFEzgKMU59gYq-ax HTTP 303
https://doc-10-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/fl5ro66ai5e8v0i4bjv41b2m8nl8448v/1678050375000/05705402827546228379/*/1yLJ5pRtyQ66jh27vLFEzgKMU59gYq-ax?uuid=5ac812b1-310c-439f-835e-1324c8694347

Request Chain 141

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIO8cYhrUq7H8umANqYB06w&google_cver=1&google_push=Aa02lx9NhCmslKbNR_42uEhbg_YwrcMs-M4Vx6BzLf9qKJ-caS_q_ryUZE1rZrLQ5gKEydS8rVf-I2CVEF9vQYcqKApRKAgxO_E1Nlw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIO8cYhrUq7H8umANqYB06w&google_cver=1&google_push=Aa02lx9NhCmslKbNR_42uEhbg_YwrcMs-M4Vx6BzLf9qKJ-caS_q_ryUZE1rZrLQ5gKEydS8rVf-I2CVEF9vQYcqKApRKAgxO_E1Nlw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VE42aHlzcTkxUHlWeVM1&google_gid=CAESEIO8cYhrUq7H8umANqYB06w&google_cver=1&google_push=Aa02lx9NhCmslKbNR_42uEhbg_YwrcMs-M4Vx6BzLf9qKJ-caS_q_ryUZE1rZrLQ5gKEydS8rVf-I2CVEF9vQYcqKApRKAgxO_E1Nlw

Request Chain 142

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECNrNDrhwonnWOqMdT3kN_Q&google_cver=1&google_push=Aa02lx9B9MuWj9cheYeHM4606IAfKwLgJovbRrB8eYzox-378DbccEjz12sJAfYbdFne92dwhPNkG1tcoHdih_z0DMBMPVy6Glv3VWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9B9MuWj9cheYeHM4606IAfKwLgJovbRrB8eYzox-378DbccEjz12sJAfYbdFne92dwhPNkG1tcoHdih_z0DMBMPVy6Glv3VWg

Request Chain 143

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPCPHU2oDPf0fD0yosDaGRU&google_cver=1&google_push=Aa02lx_HEPmlWZwhRp9GuJgbU-FmWdBG3GhZ1eW5OsJoLTj6-fDxye0IE1xgLCW6puuC932I8wibKQ0Gw68tCASB0_XOGzi3aoSKKYc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_HEPmlWZwhRp9GuJgbU-FmWdBG3GhZ1eW5OsJoLTj6-fDxye0IE1xgLCW6puuC932I8wibKQ0Gw68tCASB0_XOGzi3aoSKKYc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPCPHU2oDPf0fD0yosDaGRU&google_cver=1&google_push=Aa02lx_HEPmlWZwhRp9GuJgbU-FmWdBG3GhZ1eW5OsJoLTj6-fDxye0IE1xgLCW6puuC932I8wibKQ0Gw68tCASB0_XOGzi3aoSKKYc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_HEPmlWZwhRp9GuJgbU-FmWdBG3GhZ1eW5OsJoLTj6-fDxye0IE1xgLCW6puuC932I8wibKQ0Gw68tCASB0_XOGzi3aoSKKYc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 145

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx9gUzPA9HlGCWYl2CcUowDGc4bNYI7QL8yxgSorP6b5W-5rMvy5eDY_Dmjxa2VZkIA93zywRXcr4eC-YTnRhCnpN7BcfOWoW9M&google_gid=CAESENb5AclXPI5h1hsMPeIU-l4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx9gUzPA9HlGCWYl2CcUowDGc4bNYI7QL8yxgSorP6b5W-5rMvy5eDY_Dmjxa2VZkIA93zywRXcr4eC-YTnRhCnpN7BcfOWoW9M&google_gid=CAESENb5AclXPI5h1hsMPeIU-l4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDUyMTA2MzAwMDAyMzI2NjU0ODM3OA%3D%3D&google_push=Aa02lx9gUzPA9HlGCWYl2CcUowDGc4bNYI7QL8yxgSorP6b5W-5rMvy5eDY_Dmjxa2VZkIA93zywRXcr4eC-YTnRhCnpN7BcfOWoW9M

Request Chain 146

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECcV9CYeT0gRI3rjz5bel10&google_cver=1&google_push=Aa02lx9tZI-SULCg9PyL2LUYeo9dL_wwU83hH3UJvuEL37mC1xKnKoVu78vcweZbaxd4wcd6abZNtbitp4Ca8Bwln_Yv_GJ0d83V_-s HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECcV9CYeT0gRI3rjz5bel10&google_cver=1&google_push=Aa02lx9tZI-SULCg9PyL2LUYeo9dL_wwU83hH3UJvuEL37mC1xKnKoVu78vcweZbaxd4wcd6abZNtbitp4Ca8Bwln_Yv_GJ0d83V_-s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNjE4MzI5MzE3MDUxMDA1Ng&google_push=Aa02lx9tZI-SULCg9PyL2LUYeo9dL_wwU83hH3UJvuEL37mC1xKnKoVu78vcweZbaxd4wcd6abZNtbitp4Ca8Bwln_Yv_GJ0d83V_-s

Request Chain 156

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECMrSYeMTFB_wfIVgLJ4kJE&google_cver=1&google_push=Aa02lx97xeb1NBqCnt4eH-_UTtiJ8v_pQRRgS4sJ2uH3-ZxcoiOdH2RLHhMzRdPMZgg7g_tfY8mo0IP4_dBZ6O1jLtjRuWRomHqBx-s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAyNzI4Nzg4NjQ2MTU2NDM2NA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMrSYeMTFB_wfIVgLJ4kJE&google_cver=1

Request Chain 157

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPDO48Mw4V2jhT3Dmrjh1CI&google_cver=1&google_push=Aa02lx_VjcDpCTtC5Vcqz8fUlqXae1g0tazzSypKiIZ8iyfzfAn-tnDarNh80a-8GZDKc2i0tXZ7hfqdv9YrVyqxgSbfcnK-lQMIQg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPDO48Mw4V2jhT3Dmrjh1CI&google_push=Aa02lx_VjcDpCTtC5Vcqz8fUlqXae1g0tazzSypKiIZ8iyfzfAn-tnDarNh80a-8GZDKc2i0tXZ7hfqdv9YrVyqxgSbfcnK-lQMIQg

Request Chain 159

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJZpkk2yrEhwf10SgHtOMZ4&google_cver=1&google_push=Aa02lx9Sj72JvQWt2QfijLElo7h5eYda04uOgF_CcjQmBhIrcwBjzV4Z6c0-k1JOJixmxe9Y1tDHxYmuQAixNuV8q9XNxCCY1nmcvjo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9Sj72JvQWt2QfijLElo7h5eYda04uOgF_CcjQmBhIrcwBjzV4Z6c0-k1JOJixmxe9Y1tDHxYmuQAixNuV8q9XNxCCY1nmcvjo&google_hm=eS1yc21yd3VCRTJwSHlyQnNwekRkaXdFcnpMd3c1d1ZmUH5B

Request Chain 161

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO9R-rqYFphqcH5v2-wYRRo&google_cver=1&google_push=Aa02lx8lLcCv-CILNPq6gLJqBJPMXrpzIUNF1ok21K4enBV8lfi3nWF0oyLyHEtpxpyEQPkjnPfOHUvhSnXUIRGDxnQileLLEhN6epU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWVlZKUFotWi02SUpZ&google_push=Aa02lx8lLcCv-CILNPq6gLJqBJPMXrpzIUNF1ok21K4enBV8lfi3nWF0oyLyHEtpxpyEQPkjnPfOHUvhSnXUIRGDxnQileLLEhN6epU

Request Chain 162

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_lnjsvhzZQ-mfczbEs8ao&google_cver=1&google_push=Aa02lx8pDrFvoQO8wfYewP_qfsyXXUBOYGFrVyjsujQZ2nACzru--D8amLXdpZ5vFU-K5ORwzPbFNTMpPFXS_R8DWkEUuVfqvbWTobs HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ_lnjsvhzZQ-mfczbEs8ao&google_push=Aa02lx8pDrFvoQO8wfYewP_qfsyXXUBOYGFrVyjsujQZ2nACzru--D8amLXdpZ5vFU-K5ORwzPbFNTMpPFXS_R8DWkEUuVfqvbWTobs&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_lnjsvhzZQ-mfczbEs8ao&google_hm=ZAUEVmIR_HhAZl01wJb_GQAABJQAAAIB&google_nid=index&google_push=Aa02lx8pDrFvoQO8wfYewP_qfsyXXUBOYGFrVyjsujQZ2nACzru--D8amLXdpZ5vFU-K5ORwzPbFNTMpPFXS_R8DWkEUuVfqvbWTobs

171 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xn--360giy-0ta.vn/
Redirect Chain

http://xn--360giy-0ta.vn/
https://xn--360giy-0ta.vn/

46 KB
9 KB

606ms
200ms

Document
text/html

103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed / PHP/7.3.33
Resource Hash: c89d77e5b5ae159bd6cc1f87da2cd736646938b20c030f1e839132c8bf7d490a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 05 Mar 2023 21:06:26 GMT
etag: "6624906-1677700172;br"
link: <https://xn--360giy-0ta.vn/wp-json/>; rel="https://api.w.org/" <https://xn--360giy-0ta.vn/wp-json/wp/v2/pages/20351>; rel="alternate"; type="application/json" <https://xn--360giy-0ta.vn/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: hit
x-powered-by: PHP/7.3.33

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 683
content-type: text/html
date: Sun, 05 Mar 2023 21:06:25 GMT
location: https://xn--360giy-0ta.vn/
server: LiteSpeed

GET
H2 200 style.min.css
xn--360giy-0ta.vn/wp-includes/css/dist/block-library/ 79 KB
10 KB 200ms
197ms Stylesheet
text/css 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:26 GMT
content-encoding: br
last-modified: Sun, 18 Jul 2021 23:26:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 9960
expires: Tue, 05 Mar 2024 03:06:26 GMT

GET
H2 200 kk-star-ratings.css
xn--360giy-0ta.vn/wp-content/plugins/kk-star-ratings/public/css/ 3 KB
629 B 200ms
198ms Stylesheet
text/css 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 70211e8296c52b3feb952e99accc2d44101ab3f2d8d20d912a3f544113af17ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:26 GMT
content-encoding: br
last-modified: Thu, 20 May 2021 10:44:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 573
expires: Tue, 05 Mar 2024 03:06:26 GMT

GET
H2 200 front-flex.min.css
xn--360giy-0ta.vn/wp-content/plugins/siteorigin-panels/css/ 1 KB
441 B 200ms
198ms Stylesheet
text/css 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.12.2
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 9ea7c2f29b8f4c1b6164072d79da13dd6406d09187a5206c5474c9f9334318b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:26 GMT
content-encoding: br
last-modified: Wed, 02 Jun 2021 15:13:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 385
expires: Tue, 05 Mar 2024 03:06:26 GMT

GET
H2 200 junkie-shortcodes.css
xn--360giy-0ta.vn/wp-content/plugins/theme-junkie-shortcodes/assets/css/ 10 KB
2 KB 200ms
199ms Stylesheet
text/css 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-content/plugins/theme-junkie-shortcodes/assets/css/junkie-shortcodes.css?ver=5.8
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 43e01213dfe9f3b23f9de93c6d81e78313c61d379eb891f1c41c7a7e39a014c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:26 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 08:00:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1855
expires: Tue, 05 Mar 2024 03:06:26 GMT

GET
H2 200 plugins.min.css
xn--360giy-0ta.vn/wp-content/themes/reviewpro/assets/css/ 37 KB
8 KB 200ms
199ms Stylesheet
text/css 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-content/themes/reviewpro/assets/css/plugins.min.css?ver=5.8
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 3807c2f6781c001a6f224fe1374fea268b5446efd0f02544837d8b8a8c7d31e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:26 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 07:59:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 8019
expires: Tue, 05 Mar 2024 03:06:26 GMT

GET
H2 200 style.min.css
xn--360giy-0ta.vn/wp-content/themes/reviewpro/ 69 KB
13 KB 395ms
394ms Stylesheet
text/css 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-content/themes/reviewpro/style.min.css?ver=5.8
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 5a99396713a3c8996c8741604e1aecfd021362adf15ad7571531047507c3229b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:26 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 07:59:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 12833
expires: Tue, 05 Mar 2024 03:06:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 139ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather%3Aregular%2Citalic%2C700%2C300%7COpen+Sans%3Aregular%2Citalic%2C700%2C600%2C300%26subset%3Dlatin%2C

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfc128a3add548c34f5623ce0f1f40eefb3ae3aba081177d3ff1ee5d0360bef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 21:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:06:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 21:06:26 GMT

GET
H2 200 jquery.min.js Show response
xn--360giy-0ta.vn/wp-includes/js/jquery/ 87 KB
30 KB 394ms
386ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:26 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 13:37:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 30273
expires: Tue, 05 Mar 2024 03:06:26 GMT

GET
H2 200 jquery-migrate.min.js Show response
xn--360giy-0ta.vn/wp-includes/js/jquery/ 11 KB
4 KB 395ms
386ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:26 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 07:36:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3995
expires: Tue, 05 Mar 2024 03:06:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 602ms
99ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6632121185579781

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9a5f8020d2d976993ca43bf1711bf657da6f068c5fddcd75e9ff376775d4599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--360giy-0ta.vn/
Origin: https://xn--360giy-0ta.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48253
x-xss-protection: 0
server: cafe
etag: 5913374483055713510
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 21:06:27 GMT

GET
H/1.1 200
OK addon-ofs.js Show response
belife.vn/Areas/Preview/Scripts/AckGen/ 4 KB
2 KB 1601ms
253ms Script
application/javascript 45.124.86.86
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://belife.vn/Areas/Preview/Scripts/AckGen/addon-ofs.js
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.124.86.86 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: sv-86086.bkns.vn
Software: /
Resource Hash: 63137b13237895ef6007b48f697dd0b4f3662758e1cfa2dee0e16a4ff0b51dca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 21:06:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Jun 2021 07:25:19 GMT
Server
ETag: "80595414816dd71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1456

GET
H/1.1 200
OK cssutinity.js Show response
cdnimage.xyz/js/ 639 B
847 B 1289ms
254ms Script
application/javascript 45.124.87.117
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnimage.xyz/js/cssutinity.js
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.124.87.117 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: sv-87117.bkns.vn
Software: Microsoft-IIS/8.5 /
Resource Hash: 275da6669aa8892ac13c6e00089c30a37af19a0a63b535fff37d300a49fb80fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 21:06:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Dec 2022 09:32:27 GMT
Server: Microsoft-IIS/8.5
ETag: "8cccffd11ead91:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 483

GET
H/1.1 200
OK monitorAktVisit-addon.js Show response
cdnimage.xyz/js/ 747 B
902 B 1359ms
269ms Script
application/javascript 45.124.87.117
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnimage.xyz/js/monitorAktVisit-addon.js
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.124.87.117 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: sv-87117.bkns.vn
Software: Microsoft-IIS/8.5 /
Resource Hash: 5ba504fdb0da47aa4d825f47d9c91e2d2dc7ea42343365cbfa80f35aea0e6609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 21:06:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Sep 2022 04:16:37 GMT
Server: Microsoft-IIS/8.5
ETag: "37a0f69d27c7d81:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 537

GET
H2 200 kk-star-ratings.js Show response
xn--360giy-0ta.vn/wp-content/plugins/kk-star-ratings/public/js/ 2 KB
634 B 395ms
386ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-content/plugins/kk-star-ratings/public/js/kk-star-ratings.js?ver=4.2.0
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: b8c0ce32234af999076b48518b249d477718550593a782e170f159477e8b4265

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Thu, 20 May 2021 10:44:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 555
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 core.min.js Show response
xn--360giy-0ta.vn/wp-includes/js/jquery/ui/ 20 KB
6 KB 395ms
387ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 16:18:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6589
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 accordion.min.js Show response
xn--360giy-0ta.vn/wp-includes/js/jquery/ui/ 8 KB
3 KB 395ms
387ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 638caa40d39dec20d95e4119187482e3c5939616252d96ded196b05c2e1cfc27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Wed, 20 Jan 2021 12:05:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2622
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 tabs.min.js Show response
xn--360giy-0ta.vn/wp-includes/js/jquery/ui/ 12 KB
4 KB 395ms
387ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: d75561e1329acbfb10dd90ae27ac97aac6d6081e89700a8eaba0ae5ab0156c5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 16:18:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3743
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 junkie-shortcodes.js Show response
xn--360giy-0ta.vn/wp-content/plugins/theme-junkie-shortcodes/assets/js/ 529 B
250 B 395ms
388ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-content/plugins/theme-junkie-shortcodes/assets/js/junkie-shortcodes.js
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 92b840865fb96e1d7f95ce8e84a5dbd69d93b7fb8d8de532a80f3f261bfe3afe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 08:00:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 218
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 imagesloaded.min.js Show response
xn--360giy-0ta.vn/wp-includes/js/ 5 KB
2 KB 396ms
388ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 17:23:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1733
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 masonry.min.js Show response
xn--360giy-0ta.vn/wp-includes/js/ 24 KB
7 KB 396ms
388ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 17:23:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 7117
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 reviewpro.min.js Show response
xn--360giy-0ta.vn/wp-content/themes/reviewpro/assets/js/ 49 KB
14 KB 393ms
388ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-content/themes/reviewpro/assets/js/reviewpro.min.js
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: c12560632bd6e8473ca244cc032a18b4b3f1da28ea84a0772024dc3d5c056fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 07:59:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 14100
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 instant_click.min.js Show response
xn--360giy-0ta.vn/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
1 KB 393ms
389ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=4.3
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Sat, 04 Sep 2021 09:53:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1167
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 wp-embed.min.js Show response
xn--360giy-0ta.vn/wp-includes/js/ 1 KB
719 B 393ms
389ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 13:59:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 663
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 image.js Show response
xn--360giy-0ta.vn/wp-content/plugins/featured-image-from-url/includes/html/js/ 2 KB
576 B 393ms
389ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.6.0
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Wed, 02 Jun 2021 15:13:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 543
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 wp-emoji-release.min.js Show response
xn--360giy-0ta.vn/wp-includes/js/ 18 KB
4 KB 199ms
198ms Script
application/javascript 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
content-encoding: br
last-modified: Tue, 08 Jun 2021 20:45:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4539
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 537ms
42ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3Aregular%2Citalic%2C700%2C300%7COpen+Sans%3Aregular%2Citalic%2C700%2C600%2C300%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--360giy-0ta.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:05:33 GMT
x-content-type-options: nosniff
age: 316854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 05:05:33 GMT

GET
H2 200 fontawesome-webfont.woff2
xn--360giy-0ta.vn/wp-content/themes/reviewpro/assets/fonts/ 75 KB
75 KB 198ms
198ms Font
font/woff2 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--360giy-0ta.vn/wp-content/themes/reviewpro/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/wp-content/themes/reviewpro/assets/css/plugins.min.css?ver=5.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://xn--360giy-0ta.vn/wp-content/themes/reviewpro/assets/css/plugins.min.css?ver=5.8
Origin: https://xn--360giy-0ta.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
last-modified: Mon, 12 Apr 2021 07:59:52 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 77160
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 625ms
130ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3Aregular%2Citalic%2C700%2C300%7COpen+Sans%3Aregular%2Citalic%2C700%2C600%2C300%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--360giy-0ta.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 23:03:51 GMT
x-content-type-options: nosniff
age: 252156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 23:03:51 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 606ms
114ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3Aregular%2Citalic%2C700%2C300%7COpen+Sans%3Aregular%2Citalic%2C700%2C600%2C300%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--360giy-0ta.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:50:57 GMT
x-content-type-options: nosniff
age: 332130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31320
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:50:57 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/ 18 KB
19 KB 579ms
95ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3Aregular%2Citalic%2C700%2C300%7COpen+Sans%3Aregular%2Citalic%2C700%2C600%2C300%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--360giy-0ta.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 14:06:41 GMT
x-content-type-options: nosniff
age: 370786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18836
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:44:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 14:06:41 GMT

GET
H2

429

1oEyDKTUJIyfOMVeD8pJidDecWBqZQ8RV
doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ec0v3hjobeg9p5utc9jg8m86pbc31cfl/1678050375000/05705402827546228379/*/
Redirect Chain

https://drive.google.com/uc?id=1oEyDKTUJIyfOMVeD8pJidDecWBqZQ8RV
https://doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ec0v3hjobeg9p5utc9jg8m86pbc31cfl/1678050375000/05705402827546228379/*/1oEyDKTUJIyfOMVeD8pJidDecWBqZQ8RV?u...

0
141 B

266ms
266ms

Image
text/html

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ec0v3hjobeg9p5utc9jg8m86pbc31cfl/1678050375000/05705402827546228379/*/1oEyDKTUJIyfOMVeD8pJidDecWBqZQ8RV?uuid=835d1027-dbe9-4a1e-ada0-80e9885a105f
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
server: UploadServer
x-guploader-uploadid: ADPycdsvKUxZ8_KLNnQFczOWg2ykHhL5qk0MwbfVHQBAi392bbpYNlCgNWkb96L25RNwlbPRVDDl7SXu8t5O2Nbvw9KJW2atWx9G
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 21:06:28 GMT

Redirect headers

date: Sun, 05 Mar 2023 21:06:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-4-Ja0OVUcAIhVeW40HkcDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ec0v3hjobeg9p5utc9jg8m86pbc31cfl/1678050375000/05705402827546228379/*/1oEyDKTUJIyfOMVeD8pJidDecWBqZQ8RV?uuid=835d1027-dbe9-4a1e-ada0-80e9885a105f
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

429

1XF81kMWXf6O3dBBsvlxB7Ok1vFrNIBYI
doc-14-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/gdjehifdpgpqf3sbkul6uhet203kfjla/1678050375000/05705402827546228379/*/
Redirect Chain

https://drive.google.com/uc?id=1XF81kMWXf6O3dBBsvlxB7Ok1vFrNIBYI
https://doc-14-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/gdjehifdpgpqf3sbkul6uhet203kfjla/1678050375000/05705402827546228379/*/1XF81kMWXf6O3dBBsvlxB7Ok1vFrNIBYI?u...

0
141 B

284ms
241ms

Image
text/html

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-14-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/gdjehifdpgpqf3sbkul6uhet203kfjla/1678050375000/05705402827546228379/*/1XF81kMWXf6O3dBBsvlxB7Ok1vFrNIBYI?uuid=1693553f-29ba-453a-bd57-aa7952686fc4
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
server: UploadServer
x-guploader-uploadid: ADPycdsNGgSSBZnzOUIOT3hDI4LFqhntd84_uF8F_flyLSvBPpowwdEslWc1BNPOOW4HqDD0TBoMSZ35YrKCbJXlm5RlYe1mr70v
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 21:06:28 GMT

Redirect headers

date: Sun, 05 Mar 2023 21:06:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport, script-src 'report-sample' 'nonce-mA_7bYCLmqfWaO39TBPCAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://doc-14-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/gdjehifdpgpqf3sbkul6uhet203kfjla/1678050375000/05705402827546228379/*/1XF81kMWXf6O3dBBsvlxB7Ok1vFrNIBYI?uuid=1693553f-29ba-453a-bd57-aa7952686fc4
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1VVg-jWzT_szI-ps4a5AgRuOV0NotnwuE
doc-0o-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7ooau23vevruf48n41bl97iofd0phed0/1678050375000/05705402827546228379/*/
Redirect Chain

https://drive.google.com/uc?id=1VVg-jWzT_szI-ps4a5AgRuOV0NotnwuE
https://doc-0o-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7ooau23vevruf48n41bl97iofd0phed0/1678050375000/05705402827546228379/*/1VVg-jWzT_szI-ps4a5AgRuOV0NotnwuE?u...

192 KB
195 KB

579ms
387ms

Image
image/jpeg

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0o-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7ooau23vevruf48n41bl97iofd0phed0/1678050375000/05705402827546228379/*/1VVg-jWzT_szI-ps4a5AgRuOV0NotnwuE?uuid=657a6907-b22f-47c0-8cf0-087caed1b4f6
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8427476be43a9f2327835ccb84abf0dfd25561ce0fb1fe6453183ade424aa277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
server: UploadServer
x-guploader-uploadid: ADPycdus5xLNQiOFEfbrzeRBKLTranj-f2B3F75mAExgk7JrcbfwwAjWVbyd7I8BmrJNhoQaArIb_SpEHNq5qRqXMysXYpt7q6mO
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=OKCBZw==
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="anh_637928743524467260.jpg"; filename*=UTF-8''anh_637928743524467260.jpg
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 196589
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 21:06:28 GMT

Redirect headers

date: Sun, 05 Mar 2023 21:06:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-GhnRtSOl6wHTn1GpHn92UQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://doc-0o-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7ooau23vevruf48n41bl97iofd0phed0/1678050375000/05705402827546228379/*/1VVg-jWzT_szI-ps4a5AgRuOV0NotnwuE?uuid=657a6907-b22f-47c0-8cf0-087caed1b4f6
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

429

1OYi9C87_iyYx4hG5WGHlA8pIb4E93HMa
doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/62kjl5f9qdq69u162nqbbdsljk3p17jm/1678050375000/05705402827546228379/*/
Redirect Chain

https://drive.google.com/uc?id=1OYi9C87_iyYx4hG5WGHlA8pIb4E93HMa
https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/62kjl5f9qdq69u162nqbbdsljk3p17jm/1678050375000/05705402827546228379/*/1OYi9C87_iyYx4hG5WGHlA8pIb4E93HMa?u...

0
3 KB

289ms
228ms

Image
text/html

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/62kjl5f9qdq69u162nqbbdsljk3p17jm/1678050375000/05705402827546228379/*/1OYi9C87_iyYx4hG5WGHlA8pIb4E93HMa?uuid=028fb357-9286-4400-ba3d-f7e53f462f49
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
server: UploadServer
x-guploader-uploadid: ADPycdsGpsx8yZm2I25VEzROs-f962qQubPi9cktQEaQTRwMgXe5GuQwB1aci8En4e9gIQHwSQavcnTFaQLe46Y75Ju3muVHNykM
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 21:06:28 GMT

Redirect headers

date: Sun, 05 Mar 2023 21:06:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport, script-src 'report-sample' 'nonce-TZaM-mYSLjCMg9qrI2XrNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/62kjl5f9qdq69u162nqbbdsljk3p17jm/1678050375000/05705402827546228379/*/1OYi9C87_iyYx4hG5WGHlA8pIb4E93HMa?uuid=028fb357-9286-4400-ba3d-f7e53f462f49
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1ycGvCT6z4msbjx1U3LFW7AVnXmM2P8fK
doc-0c-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/btqemmd2oj7doj9eqj1ufaf1bfi3vep4/1678050375000/05705402827546228379/*/
Redirect Chain

https://drive.google.com/uc?id=1ycGvCT6z4msbjx1U3LFW7AVnXmM2P8fK
https://doc-0c-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/btqemmd2oj7doj9eqj1ufaf1bfi3vep4/1678050375000/05705402827546228379/*/1ycGvCT6z4msbjx1U3LFW7AVnXmM2P8fK?u...

101 KB
102 KB

592ms
423ms

Image
image/png

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0c-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/btqemmd2oj7doj9eqj1ufaf1bfi3vep4/1678050375000/05705402827546228379/*/1ycGvCT6z4msbjx1U3LFW7AVnXmM2P8fK?uuid=9eb86747-5b44-4bd3-8fbf-0313eebc0a88
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d46a9debd90977271a6e9e1a694ea9b3fb5feb2d389b66171b589ff62cbe853d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
server: UploadServer
x-guploader-uploadid: ADPycdtpNTwkJJr1j73UNEdUbQOFrZmfjwdb4LYeyk-a8rnXpEwU27yPXo7A7NkYqjWmOJkq4ja7VhTyED7hMMN-Siwfv-fMx4BB
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=IMs1NA==
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="anh_637928737517081505.jpg"; filename*=UTF-8''anh_637928737517081505.jpg
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 103927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 21:06:28 GMT

Redirect headers

date: Sun, 05 Mar 2023 21:06:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-TEvdEYRBeoiLznGruOSVCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://doc-0c-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/btqemmd2oj7doj9eqj1ufaf1bfi3vep4/1678050375000/05705402827546228379/*/1ycGvCT6z4msbjx1U3LFW7AVnXmM2P8fK?uuid=9eb86747-5b44-4bd3-8fbf-0313eebc0a88
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1sJZcix3qOnZR21aQaeGe7zpb5rMMHV1R
doc-04-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/kgtrjn3jfpap0kpue9s2s3ssif260lja/1678050375000/05705402827546228379/*/
Redirect Chain

https://drive.google.com/uc?id=1sJZcix3qOnZR21aQaeGe7zpb5rMMHV1R
https://doc-04-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/kgtrjn3jfpap0kpue9s2s3ssif260lja/1678050375000/05705402827546228379/*/1sJZcix3qOnZR21aQaeGe7zpb5rMMHV1R?u...

108 KB
111 KB

552ms
410ms

Image
image/png

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-04-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/kgtrjn3jfpap0kpue9s2s3ssif260lja/1678050375000/05705402827546228379/*/1sJZcix3qOnZR21aQaeGe7zpb5rMMHV1R?uuid=ebcd6409-3ff9-4ac8-a4d0-7aee8fbeabb3
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da5bb33fd1184bb543a8a36943aaf8c0b7100e87cd9cf2a1f4d4c5cd26958746

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
server: UploadServer
x-guploader-uploadid: ADPycdsHwRd_fcnPc7tkWWzPHmj94u9rRL_WJCNx4EaCxZ1wmlhe4mER8AzBDw6qu1jLJ-RbEhB5YlkS8ptxAF2u4uSlDQ
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=xIzNeg==
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="anh_637928736165427404.jpg"; filename*=UTF-8''anh_637928736165427404.jpg
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 110880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 21:06:28 GMT

Redirect headers

date: Sun, 05 Mar 2023 21:06:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-D8bfsuD4OsXGi5J5nYUD8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="DriveUntrustedContentHttp"
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"DriveUntrustedContentHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/DriveUntrustedContentHttp/external"}]}
content-type: application/binary
location: https://doc-04-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/kgtrjn3jfpap0kpue9s2s3ssif260lja/1678050375000/05705402827546228379/*/1sJZcix3qOnZR21aQaeGe7zpb5rMMHV1R?uuid=ebcd6409-3ff9-4ac8-a4d0-7aee8fbeabb3
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1S8oGoOcezCJgAYIfkdO5ToE4oiVekOOj
doc-0k-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ih9e6caqumh81k2kca35t2597p27fdc1/1678050375000/05705402827546228379/*/
Redirect Chain

https://drive.google.com/uc?id=1S8oGoOcezCJgAYIfkdO5ToE4oiVekOOj
https://doc-0k-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ih9e6caqumh81k2kca35t2597p27fdc1/1678050375000/05705402827546228379/*/1S8oGoOcezCJgAYIfkdO5ToE4oiVekOOj?u...

81 KB
81 KB

472ms
407ms

Image
image/jpeg

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0k-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ih9e6caqumh81k2kca35t2597p27fdc1/1678050375000/05705402827546228379/*/1S8oGoOcezCJgAYIfkdO5ToE4oiVekOOj?uuid=1313215d-5088-4640-afb0-f6c1bf484793
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c5535bf4ddee264a3eab7d0e18f99f043229d151ac75dbf7ab39e57b0e74941a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
server: UploadServer
x-guploader-uploadid: ADPycdsdqR92fl-E0-BrEaQGCNIs5owMFYwbAyjxYGlr0y8UbT1LVvj_pyuqoOixQZ_IX7K5NVj_N73LlWd8dKcf-xWz4w
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=TGQ7nQ==
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="anh_637931456869268905.jpg"; filename*=UTF-8''anh_637931456869268905.jpg
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 82728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 21:06:28 GMT

Redirect headers

date: Sun, 05 Mar 2023 21:06:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-H-iJUvbK6XVPAwuosHWgLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="DriveUntrustedContentHttp"
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"DriveUntrustedContentHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/DriveUntrustedContentHttp/external"}]}
content-type: application/binary
location: https://doc-0k-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ih9e6caqumh81k2kca35t2597p27fdc1/1678050375000/05705402827546228379/*/1S8oGoOcezCJgAYIfkdO5ToE4oiVekOOj?uuid=1313215d-5088-4640-afb0-f6c1bf484793
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

429

1wkWzGPDYP3lqZSFuom3RTUe3QXd95GgZ
doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/s7jv5udv1nqoao04m1s11aggrtq0aoqn/1678050375000/05705402827546228379/*/
Redirect Chain

https://drive.google.com/uc?id=1wkWzGPDYP3lqZSFuom3RTUe3QXd95GgZ
https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/s7jv5udv1nqoao04m1s11aggrtq0aoqn/1678050375000/05705402827546228379/*/1wkWzGPDYP3lqZSFuom3RTUe3QXd95GgZ?u...

0
134 B

240ms
240ms

Image
text/html

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/s7jv5udv1nqoao04m1s11aggrtq0aoqn/1678050375000/05705402827546228379/*/1wkWzGPDYP3lqZSFuom3RTUe3QXd95GgZ?uuid=6c784633-08a9-4e49-944c-c96cc71c0691
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
server: UploadServer
x-guploader-uploadid: ADPycdthSSSbKQwXIHeUcB1-0nrqyINlqBx3U7g3v3u2j3i_ro8LB2WfBKsuqw79e9jW-mV273pRATT0MHT0lWkzntrerA
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 21:06:28 GMT

Redirect headers

date: Sun, 05 Mar 2023 21:06:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-T0-4LwLcL4fSN9PiOUUAnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="DriveUntrustedContentHttp"
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"DriveUntrustedContentHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/DriveUntrustedContentHttp/external"}]}
content-type: application/binary
location: https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/s7jv5udv1nqoao04m1s11aggrtq0aoqn/1678050375000/05705402827546228379/*/1wkWzGPDYP3lqZSFuom3RTUe3QXd95GgZ?uuid=6c784633-08a9-4e49-944c-c96cc71c0691
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

429

1rpEPLhiwzVk9HXmIW-BRQCW-wah_KF6Q
doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/t5l41rt8tl8e4jk88o341ktthj7bd4ob/1678050375000/05705402827546228379/*/
Redirect Chain

https://drive.google.com/uc?id=1rpEPLhiwzVk9HXmIW-BRQCW-wah_KF6Q
https://doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/t5l41rt8tl8e4jk88o341ktthj7bd4ob/1678050375000/05705402827546228379/*/1rpEPLhiwzVk9HXmIW-BRQCW-wah_KF6Q?u...

0
141 B

284ms
269ms

Image
text/html

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/t5l41rt8tl8e4jk88o341ktthj7bd4ob/1678050375000/05705402827546228379/*/1rpEPLhiwzVk9HXmIW-BRQCW-wah_KF6Q?uuid=712edc43-ec18-45f0-ab00-4c1e1345dac8
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
server: UploadServer
x-guploader-uploadid: ADPycdt2SFWZiMRrrniZtl1ZxFW3C11KdN4fpNpaqzEO6DlgR-iIwvoyCaF4CMSuofI4gSSOoIZpG2l3GWL-KwIT1T7A_T09RN9W
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 21:06:28 GMT

Redirect headers

date: Sun, 05 Mar 2023 21:06:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-c6_n4aaB0EM-xzVgLWudeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/t5l41rt8tl8e4jk88o341ktthj7bd4ob/1678050375000/05705402827546228379/*/1rpEPLhiwzVk9HXmIW-BRQCW-wah_KF6Q?uuid=712edc43-ec18-45f0-ab00-4c1e1345dac8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

429

1yLJ5pRtyQ66jh27vLFEzgKMU59gYq-ax
doc-10-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/fl5ro66ai5e8v0i4bjv41b2m8nl8448v/1678050375000/05705402827546228379/*/
Redirect Chain

https://drive.google.com/uc?id=1yLJ5pRtyQ66jh27vLFEzgKMU59gYq-ax
https://doc-10-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/fl5ro66ai5e8v0i4bjv41b2m8nl8448v/1678050375000/05705402827546228379/*/1yLJ5pRtyQ66jh27vLFEzgKMU59gYq-ax?u...

0
139 B

296ms
229ms

Image
text/html

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-10-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/fl5ro66ai5e8v0i4bjv41b2m8nl8448v/1678050375000/05705402827546228379/*/1yLJ5pRtyQ66jh27vLFEzgKMU59gYq-ax?uuid=5ac812b1-310c-439f-835e-1324c8694347
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
server: UploadServer
x-guploader-uploadid: ADPycdsUiV5JV-fJUJMmxdq7Dpn1X38-i1ihWCN3NJW3MlLDGdiBsof4F_zNJGsELoJoxvcuE1tA5AydH7Lu4jh3mc99D7_FdOgy
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 21:06:28 GMT

Redirect headers

date: Sun, 05 Mar 2023 21:06:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-twpleOXGdKbB_HInQM7BxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="DriveUntrustedContentHttp"
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"DriveUntrustedContentHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/DriveUntrustedContentHttp/external"}]}
content-type: application/binary
location: https://doc-10-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/fl5ro66ai5e8v0i4bjv41b2m8nl8448v/1678050375000/05705402827546228379/*/1yLJ5pRtyQ66jh27vLFEzgKMU59gYq-ax?uuid=5ac812b1-310c-439f-835e-1324c8694347
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Samsung-ngung-Linux-tren-DeX-bat-dau-voi-Android-10-1170x550.jpg
xn--360giy-0ta.vn/wp-content/uploads/2021/05/ 51 KB
51 KB 202ms
199ms Image
image/jpeg 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--360giy-0ta.vn/wp-content/uploads/2021/05/Samsung-ngung-Linux-tren-DeX-bat-dau-voi-Android-10-1170x550.jpg
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: fa93666583ba5f3a12b2e178b3f4021e1bbc54eae1ff41528fa62b9d43989516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
last-modified: Wed, 26 May 2021 08:18:31 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 52156
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 Google-ra-mat-khoa-hoc-mien-phi-tren-Android-nang-100x100.jpg
xn--360giy-0ta.vn/wp-content/uploads/2021/05/ 3 KB
3 KB 375ms
373ms Image
image/jpeg 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--360giy-0ta.vn/wp-content/uploads/2021/05/Google-ra-mat-khoa-hoc-mien-phi-tren-Android-nang-100x100.jpg
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 3a8996682ae1095da772f757d579aed715c8546736b786c3dbd3f45039cc34d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
last-modified: Wed, 26 May 2021 08:18:21 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3031
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 Microsoft-dang-phat-minh-lai-Qubits-Don-vi-co-100x100.jpeg
xn--360giy-0ta.vn/wp-content/uploads/2021/05/ 3 KB
3 KB 376ms
374ms Image
image/jpeg 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--360giy-0ta.vn/wp-content/uploads/2021/05/Microsoft-dang-phat-minh-lai-Qubits-Don-vi-co-100x100.jpeg
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 964f8e85640f08535115d08256d404a80b19729278ab3fc269599e6cb77b54a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
last-modified: Wed, 26 May 2021 08:18:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3223
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 Hacker-nay-duoc-quan-ly-de-chay-Windows-10-IoT-100x100.jpg
xn--360giy-0ta.vn/wp-content/uploads/2021/05/ 2 KB
2 KB 376ms
374ms Image
image/jpeg 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--360giy-0ta.vn/wp-content/uploads/2021/05/Hacker-nay-duoc-quan-ly-de-chay-Windows-10-IoT-100x100.jpg
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 1485b5c2e79a71a62225cfb3c41bcb6b6ea08005eea282a0d0d8f5fe6deb4632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
last-modified: Wed, 26 May 2021 08:16:45 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2179
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 xoc-dia-16.jpg
xn--360giy-0ta.vn/wp-content/uploads/2021/11/ 37 KB
37 KB 377ms
375ms Image
image/jpeg 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--360giy-0ta.vn/wp-content/uploads/2021/11/xoc-dia-16.jpg
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 7800113d19e8b9c30bb839978700f75b5a6c41342a3c6d03bdad2d33c3c51329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
last-modified: Mon, 15 Nov 2021 10:35:40 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 37954
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 1612114426_Ban-da-thu-Kaisen-Linux-chua-Mot-Distro-Linux-100x100.jpg
xn--360giy-0ta.vn/wp-content/uploads/2021/05/ 2 KB
2 KB 377ms
376ms Image
image/jpeg 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--360giy-0ta.vn/wp-content/uploads/2021/05/1612114426_Ban-da-thu-Kaisen-Linux-chua-Mot-Distro-Linux-100x100.jpg
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 73b08b18b022e966012e9e8b430a4da54b82c53f91aacf45c67d2b454e29ec2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
last-modified: Wed, 26 May 2021 08:16:56 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1867
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 Ubuntu-2004-LTS-cuoi-cung-cung-loai-bo-Amazon-Web-100x100.jpg
xn--360giy-0ta.vn/wp-content/uploads/2021/05/ 2 KB
2 KB 377ms
376ms Image
image/jpeg 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--360giy-0ta.vn/wp-content/uploads/2021/05/Ubuntu-2004-LTS-cuoi-cung-cung-loai-bo-Amazon-Web-100x100.jpg
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: 21b5638f996d175b621ab8c5cc869408af042542c8a14005c3a88d2cc9f0f4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
last-modified: Wed, 26 May 2021 08:16:41 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1769
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 Thoi-gian-thuc-thi-cua-Python-gan-bang-voi-ngon-100x100.jpg
xn--360giy-0ta.vn/wp-content/uploads/2021/05/ 3 KB
3 KB 378ms
376ms Image
image/jpeg 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--360giy-0ta.vn/wp-content/uploads/2021/05/Thoi-gian-thuc-thi-cua-Python-gan-bang-voi-ngon-100x100.jpg
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS: static.bkdata.vn
Software: LiteSpeed /
Resource Hash: bb90ae25bc4e8bc8f9d066e5c008ea3645b3eb57f21796f05962f366d5660f3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:27 GMT
last-modified: Wed, 26 May 2021 08:16:31 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3214
expires: Tue, 05 Mar 2024 03:06:27 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/ 8 KB
8 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3Aregular%2Citalic%2C700%2C300%7COpen+Sans%3Aregular%2Citalic%2C700%2C600%2C300%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880fc37f5a324b19d0624937dd1235625399588bebfe5c703930d6f3e1409285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--360giy-0ta.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:21:08 GMT
x-content-type-options: nosniff
age: 279919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7820
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:44:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:21:08 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 14 KB
14 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3Aregular%2Citalic%2C700%2C300%7COpen+Sans%3Aregular%2Citalic%2C700%2C600%2C300%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--360giy-0ta.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:45:39 GMT
x-content-type-options: nosniff
age: 379248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14040
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 11:45:39 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 222ms
117ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6632121185579781&plah=xn--360giy-0ta.vn&bust=31072620

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6632121185579781

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

375d5965fac9c76cf060185fe2da13b117b1849f933d720e1f6f254fdba99787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121461
x-xss-protection: 0
server: cafe
etag: 17562849340336161224
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 21:06:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame 415B 10 KB
5 KB 180ms
54ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6632121185579781

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--360giy-0ta.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 07:46:10 GMT
etag: 2378337311435320485
expires: Sun, 19 Mar 2023 07:46:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 403 admin-ajax.php Show response
xn--360giy-0ta.vn/wp-admin/ 2 B
447 B 747ms
747ms XHR
text/html 103.3.247.5
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--360giy-0ta.vn/wp-admin/admin-ajax.php

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

103.3.247.5 , Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),

Reverse DNS

static.bkdata.vn

Software

LiteSpeed / PHP/7.3.33

Resource Hash

1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://xn--360giy-0ta.vn/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: PHP/7.3.33
x-litespeed-cache-control: no-cache
x-litespeed-tag: 9f1_HTTP.403
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://xn--360giy-0ta.vn
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
608 B 150ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xn--360giy-0ta.vn&callback=_gfp_s_&client=ca-pub-6632121185579781

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6632121185579781&plah=xn--360giy-0ta.vn&bust=31072620

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

781240c0031b0e50ca831637d3e2292e8bd6aea77cf0a86df13e2e28e35075a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 306ms
74ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--360giy-0ta.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 279ms
48ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--360giy-0ta.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D39E 393 KB
70 KB 540ms
539ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&adk=1812271804&adf=3025194257&lmt=1678050388&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050388015&bpp=8&bdt=1304&idt=402&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6397914884505&frm=20&pv=2&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=426

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc57c02aabb1c4bc81cdc498c641e3967a9d1833f503b5ef6095db70574bc9a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--360giy-0ta.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 71414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 21:06:28 GMT
expires: Sun, 05 Mar 2023 21:06:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E4AA 93 KB
33 KB 388ms
385ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1678050388&rafmt=1&to=qs&pwprc=7533776038&format=1200x280&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050388023&bpp=2&bdt=1312&idt=440&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BDKHxj9LiY&p=https%3A//xn--360giy-0ta.vn&dtd=442

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b50ef96cef6f78dd1156d741bcdcbda9a088ce83ebef9249a63bd5f3fa03ee5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--360giy-0ta.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33753
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 21:06:28 GMT
expires: Sun, 05 Mar 2023 21:06:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK cssutinity-main-v3.js Show response
cdnimage.xyz/js/ 67 KB
20 KB 508ms
508ms Script
application/javascript 45.124.87.117
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnimage.xyz/js/cssutinity-main-v3.js?v2=20230305-21
Requested by: Host: cdnimage.xyz
URL: https://cdnimage.xyz/js/cssutinity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.124.87.117 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: sv-87117.bkns.vn
Software: Microsoft-IIS/8.5 /
Resource Hash: dad794481bab5bfc971375e0bf92ad730a258165e9be322d2d2710f10680d927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 21:06:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Dec 2022 09:31:58 GMT
Server: Microsoft-IIS/8.5
ETag: "07b8ec01ead91:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 19634

GET
H2 200 css
fonts.googleapis.com/ Frame E4AA 6 KB
768 B 54ms
54ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1678050388&rafmt=1&to=qs&pwprc=7533776038&format=1200x280&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050388023&bpp=2&bdt=1312&idt=440&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BDKHxj9LiY&p=https%3A//xn--360giy-0ta.vn&dtd=442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 21:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 19:27:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 21:06:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E4AA 2 KB
818 B 204ms
97ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E4AA 0
0 104ms
97ms Fetch
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CW1JOVAQFZMrRH_-H2fcPg46ysA6yz-upb4v3rMWREeDVkqO6AhABIL722lVglYKAgLQHoAGHuYuwKcgBCakCda6mCKjXsT6oAwHIA8sEqgTqAU_QX0psqTB6dRNamhGUZDHDWs4WRfGIm_bybYw6BRZiiZIjEEH1OzWMtrrAV1BXEc3fKMv3NnheQY2oh-uekPzWDmD-uRLz5WtvqGmu_bMD1iql-2UqBcKvd4fCfm61snFabjOEPK4Fnil9uqKf3cmjmf8fViHDpdEOddTJnK8qUNcHMQMi6tinxDle16RURzU_XnKaoixAoDqn2NQTft0QMWVxaohyD-5KOQuDFRrDu5bfPdBPpQY60atfelFRDpK61l7V6n_p5w_z-YC3I3tLvac2D60_DQXICiqtTHVER7k7mybbdGQq-cAElOiW_KcEkgUECAQYAZIFBAgFGASgBi6AB4fx248EqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_foh0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTY2MzIxMjExODU1Nzk3ODEYAA&sigh=r-K2ckvKLGg&uach_m=[UACH]&cid=CAQSGwDUE5ymPPKJYAicVOC39dpqOXTHRArY4PrDRhgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1678050388&rafmt=1&to=qs&pwprc=7533776038&format=1200x280&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050388023&bpp=2&bdt=1312&idt=440&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BDKHxj9LiY&p=https%3A//xn--360giy-0ta.vn&dtd=442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 21:06:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Mar 2023 21:06:28 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15554089519199065801/ Frame E4AA 25 KB
26 KB 150ms
53ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15554089519199065801/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da7c2c166f4fce0cc82daa3ee2b405a4b4fd19125f3b9d1609bcbb6417310aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:11:23 GMT
x-content-type-options: nosniff
age: 356106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25943
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 12:47:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 18:11:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame E4AA 22 KB
9 KB 116ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 09:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 09:10:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E4AA 3 KB
1 KB 121ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 19:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 19:23:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E4AA 20 KB
8 KB 115ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4AA 158 KB
49 KB 154ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 21:06:29 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame E4AA 34 KB
14 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:24:18 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 150 KB
51 KB 104ms
104ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/reactive_library_fy2021.js?bust=31072620

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beb2ccb8911b7c7c9156abf015b110499bf3986b53bf825a192d1e0df4c3e227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52054
x-xss-protection: 0
server: cafe
etag: 16190893652488150057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 21:06:29 GMT

GET
DATA 200
OK truncated
/ Frame E4AA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3895ee828de5bb6a4d37c7592663fe8a9b680060d1037395aa60953cf951660a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 76ms
74ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--360giy-0ta.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 49ms
48ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--360giy-0ta.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DFA 110 KB
38 KB 644ms
642ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=280&adk=2803989777&adf=3134901594&pi=t.aa~a.2312533300~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x280&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=622&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0v1bibT2xS&p=https%3A//xn--360giy-0ta.vn&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e9f1759031d4df211949e6b2419b50e2cd3adc0ec90d1ff56f65f250226767b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--360giy-0ta.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 39373
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 21:06:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C4A 108 KB
38 KB 686ms
685ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=250&adk=352238038&adf=3466985332&pi=t.aa~a.1406455189~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x250&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=1&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280%2C357x280&nras=4&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1008&ady=1704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LXrnNtSRw9&p=https%3A//xn--360giy-0ta.vn&dtd=28

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bc1ceebe43c34f76136517663a0aaebd5cc60ce65248bec3fdbe949ceafd3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--360giy-0ta.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 38826
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 21:06:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E4AA 15 KB
16 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 214118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:37:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E4AA 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:19:10 GMT
x-content-type-options: nosniff
age: 226039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 06:19:10 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E4AA 15 KB
15 KB 58ms
58ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 589043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 01:29:06 GMT

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B36 36 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:45:01 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 74ms
74ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--360giy-0ta.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--360giy-0ta.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame A05A 10 KB
4 KB 52ms
52ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--360giy-0ta.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 07:45:50 GMT
etag: 2378337311435320485
expires: Sun, 19 Mar 2023 07:45:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame CF84 10 KB
4 KB 53ms
52ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--360giy-0ta.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 07:45:50 GMT
etag: 2378337311435320485
expires: Sun, 19 Mar 2023 07:45:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame AF42 10 KB
4 KB 52ms
52ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--360giy-0ta.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 07:45:50 GMT
etag: 2378337311435320485
expires: Sun, 19 Mar 2023 07:45:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame A05A 4 KB
621 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 19:08:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 21:06:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame A05A 2 KB
799 B 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A05A 0
0 101ms
101ms Fetch
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2I84VAQFZO2dHoyE2fcP4JaCCOPP66Fv7e-9vK0Pl8bC_90sEAEgvvbaVWCVgoCAtAegAfixiZgByAEJqQIIzn5fm3CDPqgDAcgDywSqBM8BT9DwZHrwXpzTEj9MSuNgUaJhic_YejwhhVbaYVbkU9o1BEmmR9Ja7PqUOmNiO2Lwd5kCS5YXN5KhJ5QnVcvb0q7zLcWzbaqKkFsZl3ORyoTmHUPt7o_tb3GgLAfSBL5-LsOsJx4MAcEpryZ67ZZHNYrf8Fx_RK4VFeCQUnHjluGk1b8W596E5L6Z5YCGB8AkzsrtlnyYSYMOIZ-dqk_aJCl_gQlOPamwe5L0qaXFOG5gIa4SMID5Imzal3BGIU69K9w36Kg4K7XFGpTeXg3NwASYi4f4-QOSBQQIBBgBkgUECAUYBKAGLoAH8M325wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRCbn5IB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQK0BUBgBcBshccChoIABIUcHViLTY2MzIxMjExODU1Nzk3ODEYAA&sigh=Y6Ez6FY_Hlw&uach_m=[UACH]&cid=CAQSGwDUE5ym09qucN7j4ApUhOR3en8sYn9qPJfPXRgB&template_id=484

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 21:06:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame A05A 22 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 09:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 09:10:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame A05A 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 19:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 19:23:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame A05A 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A05A 158 KB
48 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 21:06:29 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame A05A 34 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:24:18 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/677252362921748275/ Frame A05A 19 KB
19 KB 49ms
48ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/677252362921748275/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d064a345a0c05ff18118d2e9e4eee543130df09519ae21c96761a8bcbaed40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:23:02 GMT
x-content-type-options: nosniff
age: 269007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19053
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 02:41:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 18:23:02 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17714885612122991865/ Frame A05A 2 KB
2 KB 47ms
47ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17714885612122991865/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6afe7fc9f5dcd67e7a40ee3ec8d27a6ac613030ccad240abde47c7c3149848c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 16:57:16 GMT
x-content-type-options: nosniff
age: 446953
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2337
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 17:10:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Feb 2024 16:57:16 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame CF84 2 KB
799 B 47ms
47ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame CF84 22 KB
9 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 09:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 09:10:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame CF84 3 KB
1 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 19:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 19:23:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame CF84 20 KB
8 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF84 158 KB
48 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 21:06:29 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame CF84 34 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:24:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AF42 6 KB
672 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 19:38:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 21:06:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame AF42 2 KB
799 B 76ms
76ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame AF42 22 KB
9 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 09:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 09:10:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame AF42 3 KB
1 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 19:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 19:23:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame AF42 20 KB
8 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF42 158 KB
48 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 21:06:29 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame AF42 34 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:24:18 GMT

GET
DATA 200
OK truncated
/ Frame A05A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b523b52fbd63f2374da766d829994258e5e793c0e91d2816076b0ef3995976f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FBF 36 KB
14 KB 56ms
52ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:45:01 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/9851710954256423242/ Frame AF42 48 KB
48 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9851710954256423242/2076313506083323656

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1afa58ba922a027077434c3c3d3aaa70dc9c5882d273c3de0ea7fc97663398e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:57:37 GMT
x-content-type-options: nosniff
age: 209332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49270
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 16:18:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 10:57:37 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5569248882082790905/ Frame AF42 10 KB
10 KB 45ms
45ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5569248882082790905/14763004658117789537?w=100&h=100

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c104ec098bbe63627860a2d0144e9864c4db095e1e4f1e9f38119affa80bc39c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 22:36:03 GMT
x-content-type-options: nosniff
age: 426626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10673
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 20:32:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Feb 2024 22:36:03 GMT

GET
DATA 200
OK truncated
/ Frame AF42 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AF42 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd75b960123815bbf430fdd68ad9fb3a79c42036930bb63c345f224ce2c4c279

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4390132461933496968
tpc.googlesyndication.com/daca_images/simgad/ Frame CF84 10 KB
10 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4390132461933496968?w=180&h=320

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c00a8535b763937c292286c9299b54fca92f580417a6356482398f3d23f5d87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 12:05:03 GMT
x-content-type-options: nosniff
age: 32486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10103
x-xss-protection: 0
last-modified: Sat, 04 Mar 2023 17:54:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Mar 2023 12:05:03 GMT

GET
DATA 200
OK truncated
/ Frame CF84 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b98715d41bb216fa96521547a08d9db04c67128d2e99041acfd2e68c2ac78c04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame A204 36 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:45:01 GMT

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FD4 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:45:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF84 0
18 B 97ms
97ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUdDvVAQFZO6dHoyE2fcP4JaCCP3Du6FvzLLNuIsRobvxpcUOEAEgvvbaVWCVgoCAtAegAcH8wuAoyAEBqQJ1rqYIqNexPqgDAcgDywSqBM8BT9BxvkwOocVxOX3uVnAA6HFS_nG-KI7Wi_3wYSsNnDhikxTZShPpusgcAfPd2F5lf_-qaAuCVQbrNVrd2VDHkzGuIJDY-Myhogwqqa3-LByrndHMqOjUx40cyH0i38oMQb7zDAObQMW1Aza0WFQV9ZXr81YUKR3Vhn-Lu2mH5zJ2UwrBOoXDNtO-AlrvbkEugZOAYcmQ62Xd2iEdAAy7qAKhoxB4X7ZRKAETpsF9ft8qiilH84wdSUzAH1r5QRQYEa2oHFBcRy0jb7xV6YaVwASc64WDlwSSBQQIBBgBkgUECAUYBKAGAoAHwbSTwAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDgimHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi02NjMyMTIxMTg1NTc5NzgxGAA&sigh=POIzWdHhg1U&uach_m=[UACH]&cid=CAQSGwDUE5ym09qucN7j4ApUhOR3en8sYn9qPJfPXRgB&vis=1

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 21:06:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AF42 0
18 B 96ms
96ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzFw5VAQFZO-dHoyE2fcP4JaCCP3Du6FvzLLNuIsRobvxpcUOEAEgvvbaVWCVgoCAtAegAcH8wuAoyAEJqQJ1rqYIqNexPqgDAcgDywSqBM8BT9CNbFdLGnJTtM_YieZIfQ4vPqrB1w_S8gYruejoTfcmX3P63PMJDXzi24tgwktbgYh5o41FSUw5WoovMU1HlFbTq8gpnJoQeGDft3-2Ezo836DU1TYdX5QQSJVZIjOI-VLz-CX7WI8v0mXv59lNBavJikVJ3pHOBdA1exkpYrniMko4knLBsh6oq24b_Sl2c6rSpG4KjBbq8rmku5lCf3hhX9rq0Xmx88efbYFSYx8Art5UavGxuUHSCaHIvRoV5KE7lfm8fXNQHAgxTHzrwASc64WDlwSSBQQIBBgBkgUECAUYBKAGLoAHwbSTwAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDgu3LSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItNjYzMjEyMTE4NTU3OTc4MRgA&sigh=YyN_kwRNsR0&uach_m=[UACH]&cid=CAQSGwDUE5ym09qucN7j4ApUhOR3en8sYn9qPJfPXRgB&template_id=484&vis=1

Requested by

Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 21:06:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H/1.1 200
OK GetAdsDomainInfo Show response
cdnimage.xyz/Preview/AckGen/ 1 KB
1 KB 392ms
302ms XHR
application/json 45.124.87.117
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnimage.xyz/Preview/AckGen/GetAdsDomainInfo
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.124.87.117 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: sv-87117.bkns.vn
Software: /
Resource Hash: 430c26b2c8d1d594a9485bb78114a002f51a7c760d4d02bb9a646a2cfe181180

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://xn--360giy-0ta.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 05 Mar 2023 21:06:28 GMT
Cache-Control: private
Access-Control-Allow-Headers: *
Content-Length: 1039
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/json; charset=utf-8

OPTIONS
H/1.1 204
No Content GetAdsDomainInfo
cdnimage.xyz/Preview/AckGen/ Frame 0
0 1281ms
255ms Preflight 45.124.87.117
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnimage.xyz/Preview/AckGen/GetAdsDomainInfo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.124.87.117 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: sv-87117.bkns.vn
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xn--360giy-0ta.vn
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Date: Sun, 05 Mar 2023 21:06:28 GMT

GET
H/1.1 200
OK monitorAktVisit-ofs-v4.js Show response
cdnimage.xyz/js/ 93 KB
26 KB 256ms
255ms Script
application/javascript 45.124.87.117
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnimage.xyz/js/monitorAktVisit-ofs-v4.js?v=20230305-21
Requested by: Host: cdnimage.xyz
URL: https://cdnimage.xyz/js/monitorAktVisit-addon.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.124.87.117 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: sv-87117.bkns.vn
Software: Microsoft-IIS/8.5 /
Resource Hash: facf49165907a9bcd1a5af892e895f3926d927f91fb68804011257e9886c4423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 21:06:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 15:53:46 GMT
Server: Microsoft-IIS/8.5
ETag: "02113d78c4bd91:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 26248

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 6DFA 2 KB
765 B 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=280&adk=2803989777&adf=3134901594&pi=t.aa~a.2312533300~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x280&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=622&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0v1bibT2xS&p=https%3A//xn--360giy-0ta.vn&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6DFA 0
0 97ms
96ms Fetch
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvFsNVQQFZJzBDOq1tOUPws2GiAXzwv-GbInlvKHNEI_0kOPXAhABIL722lVglYKAgLQHoAG75f-9AsgBAakCda6mCKjXsT6oAwHIA8sEqgTjAU_Q0GF89JRujtVDZwW58fyjpMiLjMNC15Stk0Lr7SPL9gAkBUz0ERxq220sZQnFx4cTbX17HujzFrrBpMJhJwdLvefs1QAOV4XTAPZC2BKpU2rucdWmOKCb2PGvD-mtqChfOmRdBzXX3QwkuyRbPrjfvyCUrsmZnOfRHhGT5H1oqgbDj5Eqb7TgDZzyVbRh21_GCf_bTo6j-hwzqGDdxJq9Q3MJuDPCUVOTq7EhsaM6s3iQHOehg6Uenu4_XHi-gPKao85uNlWzWQFxoPYcpOMNBLT8UG3aV8o1S1bK10mWtff3wAT2kOChhgSSBQQIBBgBkgUECAUYBKAGAoAHrZqAwgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD48A3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi02NjMyMTIxMTg1NTc5NzgxGAA&sigh=Db8hSKwgjPA&uach_m=[UACH]&cid=CAQSPADUE5ymFQyuAtAINS3l_GwETOMVn_FTgqa4w8KvdTjEZ_N5UP0bCcNIUd2_JgGNYROF9ifLb85BwiaKjRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=280&adk=2803989777&adf=3134901594&pi=t.aa~a.2312533300~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x280&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=622&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0v1bibT2xS&p=https%3A//xn--360giy-0ta.vn&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 21:06:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4444661543560986557
tpc.googlesyndication.com/daca_images/simgad/ Frame 6DFA 31 KB
31 KB 110ms
109ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4444661543560986557?w=600&h=500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f9069ad33c4c47cc921f00e2b95eba7357c43cadc846c53af09edeb4fbc456a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32071
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 20:01:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Mar 2023 21:06:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 6DFA 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 09:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 09:10:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 6DFA 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 19:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 19:23:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 6DFA 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6DFA 0
0 139ms
49ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNBEalngZcECK3sHfqL62bJ06mOA3UASFOzJUTErE-8rV9RRqw4ynKweTG0zlcj9VPGsQjybJkP0WofhHq1fxG0OCWjA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=280&adk=2803989777&adf=3134901594&pi=t.aa~a.2312533300~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x280&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=622&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0v1bibT2xS&p=https%3A//xn--360giy-0ta.vn&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DFA 158 KB
48 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 21:06:29 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 6DFA 34 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:24:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 95BD 1 KB
643 B 54ms
51ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 14:11:58 GMT
etag: 48472445140208031
expires: Mon, 06 Mar 2023 14:11:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 4C4A 2 KB
765 B 41ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=250&adk=352238038&adf=3466985332&pi=t.aa~a.1406455189~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x250&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=1&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280%2C357x280&nras=4&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1008&ady=1704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LXrnNtSRw9&p=https%3A//xn--360giy-0ta.vn&dtd=28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4C4A 0
0 98ms
97ms Fetch
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVPF2VQQFZLrXDYuMtOUPj-yG8Aqt1Pasb8nnsZLhEInv4YGRDhABIL722lVglYKAgLQHoAG3mIGiKMgBAakCtVwx0jLYeT6oAwHIA8sEqgTTAU_QyMfh7kNu83t8U_p3XqjCGzjAXnslra7ZLPjE_NZNLjFJfeo8gz80hd4lxgUy7_p9Xx-AYY1_aKmz4ZizEt-2t77II8lFs743VflwqrNFcTnma5IS6xNP9A0KZon6QaDF8B9vpBdqfmfc_ky6lkO3-4S5C2VNmyA1cNrSjPr8bHYsyBw7f2m4i0Y1UT7BqCW2B1gdIi9wfiMzXj6i52J8q7tF1YZq4OztXq9SfdrASQJR50gIgYh2PjD3ex-aGcnmRt0kNGq9G8PE8SWgqbg_WlTABOO_6p-SBJIFBAgEGAGSBQQIBRgEoAYCgAeBz426A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPODCNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTY2MzIxMjExODU1Nzk3ODEYAA&sigh=ziPeoIUKIxk&uach_m=[UACH]&cid=CAQSPADUE5ymR6QMxvKV7qT-gbPzkLwWXS5WVb_sROG0W0ldj9A-OgMLwjmHCKXQHJquIaHFv_YHU_Hc6Cvn4hgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=250&adk=352238038&adf=3466985332&pi=t.aa~a.1406455189~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x250&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=1&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280%2C357x280&nras=4&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1008&ady=1704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LXrnNtSRw9&p=https%3A//xn--360giy-0ta.vn&dtd=28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 21:06:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6DFA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43414cd80b4c651f92342005a4d0ba614efe7e04243a9764039760e7e0c1316f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 16194102272404718523
tpc.googlesyndication.com/daca_images/simgad/ Frame 4C4A 11 KB
11 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16194102272404718523?w=300&h=250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eee5dd022fdd8f98fabd236615feeff3ed561e2f12cf2e00451aac2bc7eaf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 07:46:00 GMT
x-content-type-options: nosniff
age: 48029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11643
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 23:04:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Mar 2023 07:46:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 4C4A 22 KB
9 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 09:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 09:10:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 4C4A 3 KB
1 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 19:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 19:23:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 4C4A 20 KB
8 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4C4A 0
0 71ms
48ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQbRpgUDZNMmkR0b-O8aFtIdTY5wrqv9N9kmJxubtphLc8dy_BQPKQ8-0yz1BDYotDSfqg5Tda_pAofh8l4rdtS10rT0w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=250&adk=352238038&adf=3466985332&pi=t.aa~a.1406455189~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x250&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=1&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280%2C357x280&nras=4&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1008&ady=1704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LXrnNtSRw9&p=https%3A//xn--360giy-0ta.vn&dtd=28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C4A 158 KB
48 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 21:06:29 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 4C4A 34 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:24:18 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 95BD
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIO8cYhrUq7H8umANqYB06w&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIO8cYhrUq7H8umANqYB06w&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VE42aHlzcTkxUHlWeVM1&google_gid=CAESEIO8cYhrUq7H8umANqYB06w&google_cver=1&google_push=Aa02lx9NhCmslKbNR_42uEhbg_YwrcMs-M4Vx6BzLf9qKJ-...

170 B
232 B

75ms
75ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VE42aHlzcTkxUHlWeVM1&google_gid=CAESEIO8cYhrUq7H8umANqYB06w&google_cver=1&google_push=Aa02lx9NhCmslKbNR_42uEhbg_YwrcMs-M4Vx6BzLf9qKJ-caS_q_ryUZE1rZrLQ5gKEydS8rVf-I2CVEF9vQYcqKApRKAgxO_E1Nlw

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 21:06:30 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-0f1140a1efbb82097@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VE42aHlzcTkxUHlWeVM1&google_gid=CAESEIO8cYhrUq7H8umANqYB06w&google_cver=1&google_push=Aa02lx9NhCmslKbNR_42uEhbg_YwrcMs-M4Vx6BzLf9qKJ-caS_q_ryUZE1rZrLQ5gKEydS8rVf-I2CVEF9vQYcqKApRKAgxO_E1Nlw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95BD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECNrNDrhwonnWOqMdT3kN_Q&google_cver=1&google_push=Aa02lx9B9MuWj9cheYeHM4606IAfKwLgJovbRrB8eYzox-378DbccEjz12sJAfYbdFne92dwhPNkG1tcoHdih_z0...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9B9MuWj9cheYeHM4606IAfKwLgJovbRrB8eYzox-378DbccEjz12sJAfYbdFne92dwhPNkG1tcoHdih_z0DMBMPVy6Glv3VWg

170 B
188 B

76ms
75ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9B9MuWj9cheYeHM4606IAfKwLgJovbRrB8eYzox-378DbccEjz12sJAfYbdFne92dwhPNkG1tcoHdih_z0DMBMPVy6Glv3VWg

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 05 Mar 2023 21:06:30 GMT
Server: MT3 569 46451a0 master zrh-pixel-x27 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9B9MuWj9cheYeHM4606IAfKwLgJovbRrB8eYzox-378DbccEjz12sJAfYbdFne92dwhPNkG1tcoHdih_z0DMBMPVy6Glv3VWg
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 05 Mar 2023 21:06:29 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 95BD
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPCPHU2oDPf0fD0yosDaGRU&google_cver=1&google_push=Aa02lx_HEPmlWZwhRp9GuJgbU-FmWdBG3GhZ1eW5OsJoLTj6-fDxye0IE1xgLCW6puuC932I8wibKQ0Gw68tCASB0_XOGzi3aoSKK...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPCPHU2oDPf0fD0yosDaGRU&google_cver=1&google_push=Aa02lx_HEPmlWZwhRp9GuJgbU-FmWdBG3GhZ1eW5OsJoLTj6-fDxye0IE1xgLCW6puuC932I8wibKQ0Gw68tCASB0_XOGzi3aoS...

43 B
410 B

256ms
228ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPCPHU2oDPf0fD0yosDaGRU&google_cver=1&google_push=Aa02lx_HEPmlWZwhRp9GuJgbU-FmWdBG3GhZ1eW5OsJoLTj6-fDxye0IE1xgLCW6puuC932I8wibKQ0Gw68tCASB0_XOGzi3aoSKKYc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_HEPmlWZwhRp9GuJgbU-FmWdBG3GhZ1eW5OsJoLTj6-fDxye0IE1xgLCW6puuC932I8wibKQ0Gw68tCASB0_XOGzi3aoSKKYc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a3552bb4ee35bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1794
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPCPHU2oDPf0fD0yosDaGRU&google_cver=1&google_push=Aa02lx_HEPmlWZwhRp9GuJgbU-FmWdBG3GhZ1eW5OsJoLTj6-fDxye0IE1xgLCW6puuC932I8wibKQ0Gw68tCASB0_XOGzi3aoSKKYc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_HEPmlWZwhRp9GuJgbU-FmWdBG3GhZ1eW5OsJoLTj6-fDxye0IE1xgLCW6puuC932I8wibKQ0Gw68tCASB0_XOGzi3aoSKKYc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a3552b9cdba5bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 95BD 70 B
265 B 189ms
59ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENkDEkHLd1RnpjGYCL9M7AY&google_cver=1&google_push=Aa02lx8JCMGGcNTxyVU97khE8m8TXnUGAFF4tdcEG-NX2R4SoC5k9aj_rApXyXaEL3YB3s4hUzbLYWn_f1pQkowmiF_LivAU5xd2UQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=280&adk=2803989777&adf=3134901594&pi=t.aa~a.2312533300~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x280&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=622&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0v1bibT2xS&p=https%3A//xn--360giy-0ta.vn&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95BD
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx9gUzPA...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx9gUzPA...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDUyMTA2MzAwMDAyMzI2NjU0ODM3OA%3D%3D&google_push=Aa02lx9gUzPA9HlGCWYl2CcUowDGc4bNYI7QL8yxgSorP6b5W-5rMvy5eDY_Dmjxa2VZkI...

170 B
188 B

79ms
78ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDUyMTA2MzAwMDAyMzI2NjU0ODM3OA%3D%3D&google_push=Aa02lx9gUzPA9HlGCWYl2CcUowDGc4bNYI7QL8yxgSorP6b5W-5rMvy5eDY_Dmjxa2VZkIA93zywRXcr4eC-YTnRhCnpN7BcfOWoW9M

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDUyMTA2MzAwMDAyMzI2NjU0ODM3OA%3D%3D&google_push=Aa02lx9gUzPA9HlGCWYl2CcUowDGc4bNYI7QL8yxgSorP6b5W-5rMvy5eDY_Dmjxa2VZkIA93zywRXcr4eC-YTnRhCnpN7BcfOWoW9M
pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sun, 05 Mar 2023 21:06:30 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 95BD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECcV9CYeT0gRI3rjz5bel10&google_cver=1&google_push=Aa02lx9tZI-SULCg9PyL2LUYeo9dL_wwU83hH3UJvuEL37mC1xKnKoVu78vcweZbaxd4wcd6abZNtbit...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECcV9CYeT0gRI3rjz5bel10&google_cver=1&google_push=Aa02lx9tZI-SULCg9PyL2LUYeo9dL_wwU83hH3UJvuEL37mC1xKnKoVu78vcweZbaxd4wcd6abZ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNjE4MzI5MzE3MDUxMDA1Ng&google_push=Aa02lx9tZI-SULCg9PyL2LUYeo9dL_wwU83hH3UJvuEL37mC1xKnKoVu78vcweZbaxd4wcd6abZNtb...

170 B
329 B

77ms
76ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNjE4MzI5MzE3MDUxMDA1Ng&google_push=Aa02lx9tZI-SULCg9PyL2LUYeo9dL_wwU83hH3UJvuEL37mC1xKnKoVu78vcweZbaxd4wcd6abZNtbitp4Ca8Bwln_Yv_GJ0d83V_-s

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNjE4MzI5MzE3MDUxMDA1Ng&google_push=Aa02lx9tZI-SULCg9PyL2LUYeo9dL_wwU83hH3UJvuEL37mC1xKnKoVu78vcweZbaxd4wcd6abZNtbitp4Ca8Bwln_Yv_GJ0d83V_-s
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 95BD 43 B
351 B 179ms
49ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKnLTe17Iz7UsEilaoddmx4&google_cver=1&google_push=Aa02lx-N_P6JwDYEEBC5KyGP-ttG-RoyX10QaZuC7CdMOrV2mcDECuWB2lYNNvHmRlSGdsnzureW4y7AZmoOQt8atyJDI4MIRrb-sPw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=280&adk=2803989777&adf=3134901594&pi=t.aa~a.2312533300~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x280&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=622&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0v1bibT2xS&p=https%3A//xn--360giy-0ta.vn&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: innotv8sbppglbgrhfckh3g4406r7ch3

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 95BD 0
139 B 213ms
72ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JIQiesFmcAAeNvVXAS3FfTMC9-7p9eTMUtxunO2XxaB9W_Uso5iRyUQQrRRzHLN16OtZOG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3736 1 KB
643 B 53ms
52ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 14:11:58 GMT
etag: 48472445140208031
expires: Mon, 06 Mar 2023 14:11:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4C4A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 040d1498cef98d8a92813989a41b969d23ecec0bd68a0dc0d0fa86937310140a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 47BE 36 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:45:01 GMT

OPTIONS
H/1.1 204
No Content SubmitAgent
cdnimage.xyz/Preview/WebVisit/ Frame 0
0 1192ms
270ms Preflight 45.124.87.117
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnimage.xyz/Preview/WebVisit/SubmitAgent
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.124.87.117 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: sv-87117.bkns.vn
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xn--360giy-0ta.vn
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Date: Sun, 05 Mar 2023 21:06:28 GMT

POST
H/1.1 200
OK SubmitAgent Show response
cdnimage.xyz/Preview/WebVisit/ 62 B
322 B 256ms
256ms XHR
application/json 45.124.87.117
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnimage.xyz/Preview/WebVisit/SubmitAgent
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.124.87.117 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: sv-87117.bkns.vn
Software: /
Resource Hash: f96052d7564f18170d9e8d6270720c2b95cfc8488e6947baf10dcf87c464455e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://xn--360giy-0ta.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 05 Mar 2023 21:06:28 GMT
Cache-Control: private
Access-Control-Allow-Headers: *
Content-Length: 62
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/json; charset=utf-8

POST
H/1.1 200
OK GetMamoTrackerAktInfo Show response
cdnimage.xyz/Preview/WebVisit/ 86 B
346 B 291ms
291ms XHR
application/json 45.124.87.117
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnimage.xyz/Preview/WebVisit/GetMamoTrackerAktInfo
Requested by: Host: xn--360giy-0ta.vn
URL: https://xn--360giy-0ta.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.124.87.117 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: sv-87117.bkns.vn
Software: /
Resource Hash: 623dc48757fef9a3b9a0f03fd1560702fe3e9c28f949f0a386bd1322f41c35ae

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://xn--360giy-0ta.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 05 Mar 2023 21:06:28 GMT
Cache-Control: private
Access-Control-Allow-Headers: *
Content-Length: 86
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/json; charset=utf-8

OPTIONS
H/1.1 204
No Content GetMamoTrackerAktInfo
cdnimage.xyz/Preview/WebVisit/ Frame 0
0 1192ms
267ms Preflight 45.124.87.117
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnimage.xyz/Preview/WebVisit/GetMamoTrackerAktInfo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.124.87.117 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: sv-87117.bkns.vn
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xn--360giy-0ta.vn
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Date: Sun, 05 Mar 2023 21:06:28 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3736
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECMrSYeMTFB_wfIVgLJ4kJE&google_cver=1&google_push=Aa02lx97xeb1NBqCnt4eH-_UTtiJ8v_pQRRgS4sJ2uH3-ZxcoiOdH2RLHhMzRdPMZgg7g_tfY8mo0IP4_dBZ6O1jLtjRuWRomHqBx-s
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAyNzI4Nzg4NjQ2MTU2NDM2NA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMrSYeMTFB_wfIVgLJ4kJE&google_cver=1

43 B
398 B

72ms
45ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMrSYeMTFB_wfIVgLJ4kJE&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMrSYeMTFB_wfIVgLJ4kJE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3736
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPDO48Mw4V2jhT3Dmrjh1CI&google_push=Aa02lx_VjcDpCTtC5Vcqz8fUlqXae1g0tazzSypKiIZ8iyfzfAn-tnDarN...

170 B
188 B

76ms
76ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPDO48Mw4V2jhT3Dmrjh1CI&google_push=Aa02lx_VjcDpCTtC5Vcqz8fUlqXae1g0tazzSypKiIZ8iyfzfAn-tnDarNh80a-8GZDKc2i0tXZ7hfqdv9YrVyqxgSbfcnK-lQMIQg

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220043-HHN
pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1678050390.145732,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPDO48Mw4V2jhT3Dmrjh1CI&google_push=Aa02lx_VjcDpCTtC5Vcqz8fUlqXae1g0tazzSypKiIZ8iyfzfAn-tnDarNh80a-8GZDKc2i0tXZ7hfqdv9YrVyqxgSbfcnK-lQMIQg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3736 70 B
264 B 102ms
59ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENkDEkHLd1RnpjGYCL9M7AY&google_cver=1&google_push=Aa02lx8C5JRtSHlg_FVpJJSdmQMcvd3Yx2_7l8x2LwsPV6qQODBqMxL0DeiWdUVgwq5bVlIofyScXTAY9Fue54GSgGVkUL5Z_yBXCk4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=250&adk=352238038&adf=3466985332&pi=t.aa~a.1406455189~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x250&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=1&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280%2C357x280&nras=4&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1008&ady=1704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LXrnNtSRw9&p=https%3A//xn--360giy-0ta.vn&dtd=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3736
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJZpkk2yrEhwf10SgHtOMZ4&google_cver=1&google_push=Aa02lx9Sj72JvQWt2QfijLElo7h5eYda04uOgF_CcjQmBhIrcwBjzV4Z6c0-k1JOJixmxe9Y1tDHxYmuQAixNuV8q9XNxCC...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9Sj72JvQWt2QfijLElo7h5eYda04uOgF_CcjQmBhIrcwBjzV4Z6c0-k1JOJixmxe9Y1tDHxYmuQAixNuV8q9XNxCCY1nmcvjo&google_hm=eS1yc21yd3VCRTJwSHl...

170 B
232 B

76ms
76ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9Sj72JvQWt2QfijLElo7h5eYda04uOgF_CcjQmBhIrcwBjzV4Z6c0-k1JOJixmxe9Y1tDHxYmuQAixNuV8q9XNxCCY1nmcvjo&google_hm=eS1yc21yd3VCRTJwSHlyQnNwekRkaXdFcnpMd3c1d1ZmUH5B

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 05 Mar 2023 21:06:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9Sj72JvQWt2QfijLElo7h5eYda04uOgF_CcjQmBhIrcwBjzV4Z6c0-k1JOJixmxe9Y1tDHxYmuQAixNuV8q9XNxCCY1nmcvjo&google_hm=eS1yc21yd3VCRTJwSHlyQnNwekRkaXdFcnpMd3c1d1ZmUH5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3736 43 B
134 B 92ms
50ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKnLTe17Iz7UsEilaoddmx4&google_cver=1&google_push=Aa02lx-pAPnj2Fcd5kqrbz4bIM6jROAK9wgkKW74M62GdUq-xrg3HVlPrqtLGmS9dVxPT9GXQSlMGMqKmk4P4d6HG2-Q6NimpCMoXbo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6632121185579781&output=html&h=250&adk=352238038&adf=3466985332&pi=t.aa~a.1406455189~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1678050389&rafmt=1&to=qs&pwprc=7533776038&format=357x250&url=https%3A%2F%2Fxn--360giy-0ta.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678050389076&bpp=1&bdt=2365&idt=1&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddf16a7c72d4d0bc0-227e361044dd0088%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg&gpic=UID%3D00000bc0e7ce84b8%3AT%3D1678050388%3ART%3D1678050388%3AS%3DALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA&prev_fmts=0x0%2C1200x280%2C357x280&nras=4&correlator=6397914884505&frm=20&pv=1&ga_vid=947709777.1678050388&ga_sid=1678050388&ga_hid=1189640525&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1008&ady=1704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759842%2C31071756%2C31072620&oid=2&pvsid=425221591783013&tmod=430505432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LXrnNtSRw9&p=https%3A//xn--360giy-0ta.vn&dtd=28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:29 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: apil1doce1l5c1m07nbv7sibofme8mmr

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3736
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO9R-rqYFphqcH5v2-wYRRo&google_cver=1&google_push=Aa02lx8lLcCv-CILNPq6gLJqBJPMXrpzIUNF1ok21K4enBV8lfi3nWF0oyLyHEtpxpyEQPkjnPf...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWVlZKUFotWi02SUpZ&google_push=Aa02lx8lLcCv-CILNPq6gLJqBJPMXrpzIUNF1ok21K4enBV8lfi3nWF0oyLyHEtpxpyEQPkjnPfOHUvhSnXUIRGDxnQileLLEhN6epU

170 B
232 B

75ms
75ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWVlZKUFotWi02SUpZ&google_push=Aa02lx8lLcCv-CILNPq6gLJqBJPMXrpzIUNF1ok21K4enBV8lfi3nWF0oyLyHEtpxpyEQPkjnPfOHUvhSnXUIRGDxnQileLLEhN6epU

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWVlZKUFotWi02SUpZ&google_push=Aa02lx8lLcCv-CILNPq6gLJqBJPMXrpzIUNF1ok21K4enBV8lfi3nWF0oyLyHEtpxpyEQPkjnPfOHUvhSnXUIRGDxnQileLLEhN6epU
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3736
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_lnjsvhzZQ-mfczbEs8ao&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ_lnjsvhzZQ-mfczbEs8ao&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_lnjsvhzZQ-mfczbEs8ao&google_hm=ZAUEVmIR_HhAZl01wJb_GQAABJQAAAIB&google_nid=index&google_push=Aa02lx8pDrFvoQO8wfYewP_qfsyXXUBOYGFrV...

170 B
188 B

76ms
75ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_lnjsvhzZQ-mfczbEs8ao&google_hm=ZAUEVmIR_HhAZl01wJb_GQAABJQAAAIB&google_nid=index&google_push=Aa02lx8pDrFvoQO8wfYewP_qfsyXXUBOYGFrVyjsujQZ2nACzru--D8amLXdpZ5vFU-K5ORwzPbFNTMpPFXS_R8DWkEUuVfqvbWTobs

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 21:06:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_lnjsvhzZQ-mfczbEs8ao&google_hm=ZAUEVmIR_HhAZl01wJb_GQAABJQAAAIB&google_nid=index&google_push=Aa02lx8pDrFvoQO8wfYewP_qfsyXXUBOYGFrVyjsujQZ2nACzru--D8amLXdpZ5vFU-K5ORwzPbFNTMpPFXS_R8DWkEUuVfqvbWTobs
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3736 0
40 B 126ms
75ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KszcSprVjuZQcq5PQzpUz3yUjA-bCqhdty3cleZbh4JqtlfHdjfB03M8aLowh6koQ-qKYh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 98ms
97ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230301&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4fcff35e1cf04bf10a3f747e44faa51e2faa214a50a14584af635b5dd69c1d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11281
x-xss-protection: 0

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame B4EB 36 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:45:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:06:30 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E4AA 42 B
64 B 88ms
87ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6tc1Q3NbWiOQh6R4ub0pI1My49e2fAWFaMdTaFvvulNcN2u93I1tMnnhW6jqrLF8vzmaU5ZzA_kitnXrgm4bMUssoYACaeFYIAGM719vNMATNp3FHSwNcC8A5J5TFUZ9GHqhH_g&sai=AMfl-YTHiXZSD1UgMKRwrg-hNE8iI5Q26bh-Hb9sWjazSyh-wMTbOqr2NFx5YRhGs9wcY3svjtYlnPx_lM-P&sig=Cg0ArKJSzMx0Ww0TilwiEAE&cid=CAQSGwDUE5ymPPKJYAicVOC39dpqOXTHRArY4PrDRhgB&id=lidar2&mcvt=1023&p=0,0,280,1200&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3249203467&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678050388466&rpt=722&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 536A 13 KB
5 KB 42ms
39ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--360giy-0ta.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2563
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 20:23:47 GMT
expires: Mon, 04 Mar 2024 20:23:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C7F9 783 B
998 B 51ms
50ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8bd7aeb5241c6bb1f0edbc601229eadedcd2bba460d24b261b2cc332762a5114

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q1qHirv8x_-IloGcJtv_Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--360giy-0ta.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-q1qHirv8x_-IloGcJtv_Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 21:06:30 GMT
expires: Sun, 05 Mar 2023 21:06:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 536A 36 KB
14 KB 52ms
51ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 19:45:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C7F9 0
0 84ms
83ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230301&jk=425221591783013&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 536A 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?k4mdIw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:06:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AF42 42 B
64 B 88ms
88ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttXymb-mNfShs4sDFAifgJImEgN9VWUFmZPWPj3syW5M97FWLWxmmVm-j8E9e28H_SP1f_DXZgpdB8wSS8rQbWVlYozZeNIy2-k0A-Fth7YE6XUMs2qDycFFrZ2Y76PogpKimnDw&sai=AMfl-YQBeexXJGnRzsMPyzuiBbTpODZUPg--Vsk9IwpOllrpiJfs7t27c2LqsRRnCfQ8cm505QfUseQdWZgJ&sig=Cg0ArKJSzBO7ZCkWUp_lEAE&cid=CAQSGwDUE5ym09qucN7j4ApUhOR3en8sYn9qPJfPXRgB&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678050389223&rpt=277&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF84 42 B
64 B 87ms
86ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusc13U8dZs6pA8jsjCiC5rh1arxMnxEkwq0csyTHJgzFM-JU85iJnXrkhIZx8pW09lyw35ghtIruf7nxy6WNJpYb8_Oc89Qi4dZKa6ve5lSUs5r-ZekhaUGfvalng5-HJUT3Mkcg&sai=AMfl-YTvqkozuyLtuDjBzFRH3uVq4DBh2a0qFKUynSWZb36fkUBonjk8xg-pkF9nOEZuQ9tO_5V2AYNmk-RJ&sig=Cg0ArKJSzOY9u058XuJoEAE&cid=CAQSGwDUE5ym09qucN7j4ApUhOR3en8sYn9qPJfPXRgB&id=lidar2&mcvt=1002&p=-90,0,410,180&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678050389218&rpt=294&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A05A 42 B
64 B 88ms
87ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-2CltbBIXMvUdTBVXXxP8Q1tcV0agpoC2bzG0dA1RXpBJwqgRheexX5qDJHNn2eWjNi0ZpGEeh4kMp-FiL2JeVEYqySjldWasj8mBdAjProqVCgRLP8bEgI_Q-4ylLjH4weMcZg&sai=AMfl-YTP9rH3bFIiK4epDvfiG5xKS7S1jYeiPSuV1ltu_jvrrbBsdBzJleXXVfjuO_JinMY6tEE4z5A4YB95&sig=Cg0ArKJSzI45sYZ35UwrEAE&cid=CAQSGwDUE5ym09qucN7j4ApUhOR3en8sYn9qPJfPXRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=175,856,1000,1208,1208&tos=175,681,144,208,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678050389208&rpt=240&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 21:06:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 86ms
86ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230301&jk=425221591783013&bg=!7-yl7LjNAAbv3-2Ez987ADkAdvg8WiM9EOQyRswiIiL6PN4DhfY8p2V7MChxHh-08yaLwV_OWZheJl_sUpJgi4tb-msQ41TgQ0kCAAAAXVIAAAAFaAEHmQKk7TeJmnAZXqwpYSNRtIkUfUbAh5mdsgz9jhVtoW57bTlKHEpMkXRvXqQlP_V1hw-pQJPqxnkAaZhCJ9-latWtc8r1b7d6zOy_keOXziQAVMBUUvVL8MsyT-nozBXlNc338yd-JhDvPAbj3L8K7dPO5DdsJuk65d_MY8PUFgoZ-kf5jGl9GH6IuFYuQcraFK4APg0MqmueXTdaaX9rDnPm4sv4d45nAdwVgScDu5VLmYDZB7Hj07zMked0DYNYiY1Wd8f6k4mt63pJd-BeuiQfcJU40Uo4Dep-x3stCDcYnvAOLblQ2hDhStyt_fpp-ytax1LgY9KL3lJVv2nOzfqbiRgBxDAe3xk6YxEOE-BF_FQhwue7wBqut2jJJuz96wlle3g_mlJBSuhwqViBpjl2ZTM38EmdMWmXCGhq3g68L_XDYUuSM4f1nkhIyA38Wx9hUsKjVZTRQG_SOWIh4m6eRhicaae5w1apY1AqAxj3pFWOe-h-skhm4mFdvr04CCsgFIO4f6VuXfbZI1eZJdr--8QmjQBRb03DO_91EtPonGad9jukhTwYhDYicmL1MXKPTkshEplPWf7vjBfsl2Lyl0BsTnhutULCLWk5vMihGf5sd-u2gRFsuNAhhXv1A7EFIPteJYXM9iz3yS2KvJEzzAt5sujlCUyAm4gwq7zPULOZcD6q6uP1ImELaEstEXFb-VBRU26hy9RVkGTs60CuH_GBIYuj5DCifTU7ry6GnH19xCcpW8EvK1r2N-_4Owv9vlOTkKvvUWTO51HG9I5nXjjAn30Peb_rV_K7njVdhiM0ztB2NXW8a4bKv6b92sMJOPD1TurPM2kBlvjXLGGF7W1Y1MwpurKexN03J8VfR5FQkBK84-RjXwncIshVkIU8Xv-vvQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--360giy-0ta.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xn--360giy-0ta.vn/	1970-01-20 19:29:06	Name: __gads Value: ID=df16a7c72d4d0bc0-227e361044dd0088:T=1678050388:RT=1678050388:S=ALNI_MZXUQjtoTvSsR7-kf_UTUX5Tp4UQg
.xn--360giy-0ta.vn/	1970-01-20 19:29:06	Name: __gpi Value: UID=00000bc0e7ce84b8:T=1678050388:RT=1678050388:S=ALNI_Mb4cG1jxHilKuLfe3AICMZKTkkJuA
.doubleclick.net/	1970-01-20 19:29:06	Name: IDE Value: AHWqTUmJxuDnDG8wko1XJ9ss2mleMj-btJDXBmWG0DEg14nYiNsSnL6iwed_8ay_ZOA
.adform.net/	1970-01-20 10:52:08	Name: C Value: 1
.adform.net/	1970-01-20 11:33:54	Name: uid Value: 3536183293170510056
.w55c.net/	1970-01-20 19:39:11	Name: wfivefivec Value: TN6hysq91PyVyS5
.w55c.net/	1970-01-20 10:50:42	Name: matchgoogle Value: 5
.casalemedia.com/	1970-01-20 18:53:06	Name: CMID Value: ZAUEVmIR-HhAZl01wJb-GQAA
.casalemedia.com/	1970-01-20 12:17:06	Name: CMPS Value: 1172
.casalemedia.com/	1970-01-20 12:17:06	Name: CMPRO Value: 1172
.yahoo.com/	1970-01-20 18:53:27	Name: A3 Value: d=AQABBFYEBWQCEFa5plkSsEYtmQulYOvYL6QFEgEBAQFVBmQOZAAAAAAA_eMAAA&S=AQAAAtFvp4nFYJHLJ6PRUsqbWkA
.everesttech.net/	1970-01-20 18:53:06	Name: everest_g_v2 Value: g_surferid~ZAUEVgAKJ5H-ZgBh
.mathtag.com/	1970-01-20 19:33:25	Name: uuid Value: 9b2e6405-0456-4a00-97a1-a2bbb15f24c1
.mathtag.com/	1970-01-20 10:50:42	Name: mt_mop Value: 4:1678050390
.e.dlx.addthis.com/	1970-01-20 19:37:44	Name: na_tc Value: Y
.turn.com/	1970-01-20 14:26:42	Name: uid Value: 3027287886461564364
.tribalfusion.com/	1970-01-20 12:17:06	Name: ANON_ID Value: aLnseFpkijcDifqAaAcdMnkqY81MNI9h755du4uT0cRKnxPPUKiTdcAIMfJcRY20TZcZcMyB4Q5kX3jekFBR42
.addthis.com/	1970-01-20 19:37:44	Name: na_id Value: 2023030521063000023266548378
.addthis.com/	1970-01-20 19:37:44	Name: na_tc Value: Y
.addthis.com/	1970-01-20 19:37:44	Name: uid Value: 64050456448f9230
.addthis.com/	1970-01-20 19:37:44	Name: ouid Value: 6405045600015e59c2c125ec89631bd34d5d5df3ae3e68b81214
.dlx.addthis.com/	1970-01-20 10:50:42	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 10:50:42	Name: na_sr Value: 20230305
.dlx.addthis.com/	1970-01-20 10:07:30	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 10:50:42	Name: na_sc_e Value: 0

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/62kjl5f9qdq69u162nqbbdsljk3p17jm/1678050375000/05705402827546228379//1OYi9C87_iyYx4hG5WGHlA8pIb4E93HMa?uuid=028fb357-9286-4400-ba3d-f7e53f462f49 Message*: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/t5l41rt8tl8e4jk88o341ktthj7bd4ob/1678050375000/05705402827546228379//1rpEPLhiwzVk9HXmIW-BRQCW-wah_KF6Q?uuid=712edc43-ec18-45f0-ab00-4c1e1345dac8 Message*: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://doc-08-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ec0v3hjobeg9p5utc9jg8m86pbc31cfl/1678050375000/05705402827546228379//1oEyDKTUJIyfOMVeD8pJidDecWBqZQ8RV?uuid=835d1027-dbe9-4a1e-ada0-80e9885a105f Message*: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/s7jv5udv1nqoao04m1s11aggrtq0aoqn/1678050375000/05705402827546228379//1wkWzGPDYP3lqZSFuom3RTUe3QXd95GgZ?uuid=6c784633-08a9-4e49-944c-c96cc71c0691 Message*: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://doc-14-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/gdjehifdpgpqf3sbkul6uhet203kfjla/1678050375000/05705402827546228379//1XF81kMWXf6O3dBBsvlxB7Ok1vFrNIBYI?uuid=1693553f-29ba-453a-bd57-aa7952686fc4 Message*: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://doc-10-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/fl5ro66ai5e8v0i4bjv41b2m8nl8448v/1678050375000/05705402827546228379//1yLJ5pRtyQ66jh27vLFEzgKMU59gYq-ax?uuid=5ac812b1-310c-439f-835e-1324c8694347 Message*: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://xn--360giy-0ta.vn/wp-admin/admin-ajax.php Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-6632121185579781&fa=4&ifi=7&uci=a!7&btvi=5&xpc=jZHAu90WLf&p=https%3A//xn--360giy-0ta.vn Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-6632121185579781&fa=1&ifi=5&uci=a!5&btvi=3&xpc=FXRoFrCgT5&p=https%3A//xn--360giy-0ta.vn Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
adservice.google.com
adservice.google.de
belife.vn
c1.adform.net
cdnimage.xyz
cm.g.doubleclick.net
doc-04-44-docs.googleusercontent.com
doc-08-44-docs.googleusercontent.com
doc-0c-44-docs.googleusercontent.com
doc-0k-44-docs.googleusercontent.com
doc-0o-44-docs.googleusercontent.com
doc-0s-44-docs.googleusercontent.com
doc-10-44-docs.googleusercontent.com
doc-14-44-docs.googleusercontent.com
drive.google.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
s.tribalfusion.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
xn--360giy-0ta.vn
103.3.247.5
142.251.39.66
151.101.130.49
185.29.132.241
185.80.39.216
23.35.209.176
2606:4700::6812:18ad
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:811::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a00:1450:400d:803::2001
2a00:1450:400d:806::2002
2a00:1450:400d:807::2002
2a00:1450:400d:80d::2002
2a05:d018:d29:3601:e064:ebd3:78e:3d3
35.157.53.153
35.186.253.211
35.71.131.137
37.157.6.248
45.124.86.86
45.124.87.117
46.228.164.11
69.173.144.165
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
040d1498cef98d8a92813989a41b969d23ecec0bd68a0dc0d0fa86937310140a
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
1485b5c2e79a71a62225cfb3c41bcb6b6ea08005eea282a0d0d8f5fe6deb4632
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464
1eee5dd022fdd8f98fabd236615feeff3ed561e2f12cf2e00451aac2bc7eaf98
21b5638f996d175b621ab8c5cc869408af042542c8a14005c3a88d2cc9f0f4b4
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
275da6669aa8892ac13c6e00089c30a37af19a0a63b535fff37d300a49fb80fa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
375d5965fac9c76cf060185fe2da13b117b1849f933d720e1f6f254fdba99787
3807c2f6781c001a6f224fe1374fea268b5446efd0f02544837d8b8a8c7d31e1
3895ee828de5bb6a4d37c7592663fe8a9b680060d1037395aa60953cf951660a
3a8996682ae1095da772f757d579aed715c8546736b786c3dbd3f45039cc34d5
3e9f1759031d4df211949e6b2419b50e2cd3adc0ec90d1ff56f65f250226767b
430c26b2c8d1d594a9485bb78114a002f51a7c760d4d02bb9a646a2cfe181180
43414cd80b4c651f92342005a4d0ba614efe7e04243a9764039760e7e0c1316f
43e01213dfe9f3b23f9de93c6d81e78313c61d379eb891f1c41c7a7e39a014c8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b523b52fbd63f2374da766d829994258e5e793c0e91d2816076b0ef3995976f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9069ad33c4c47cc921f00e2b95eba7357c43cadc846c53af09edeb4fbc456a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a99396713a3c8996c8741604e1aecfd021362adf15ad7571531047507c3229b
5ba504fdb0da47aa4d825f47d9c91e2d2dc7ea42343365cbfa80f35aea0e6609
5bc1ceebe43c34f76136517663a0aaebd5cc60ce65248bec3fdbe949ceafd3ba
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623dc48757fef9a3b9a0f03fd1560702fe3e9c28f949f0a386bd1322f41c35ae
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
63137b13237895ef6007b48f697dd0b4f3662758e1cfa2dee0e16a4ff0b51dca
638caa40d39dec20d95e4119187482e3c5939616252d96ded196b05c2e1cfc27
6afe7fc9f5dcd67e7a40ee3ec8d27a6ac613030ccad240abde47c7c3149848c9
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
70211e8296c52b3feb952e99accc2d44101ab3f2d8d20d912a3f544113af17ac
73b08b18b022e966012e9e8b430a4da54b82c53f91aacf45c67d2b454e29ec2b
7800113d19e8b9c30bb839978700f75b5a6c41342a3c6d03bdad2d33c3c51329
781240c0031b0e50ca831637d3e2292e8bd6aea77cf0a86df13e2e28e35075a1
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6
8427476be43a9f2327835ccb84abf0dfd25561ce0fb1fe6453183ade424aa277
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
880fc37f5a324b19d0624937dd1235625399588bebfe5c703930d6f3e1409285
8bd7aeb5241c6bb1f0edbc601229eadedcd2bba460d24b261b2cc332762a5114
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92b840865fb96e1d7f95ce8e84a5dbd69d93b7fb8d8de532a80f3f261bfe3afe
964f8e85640f08535115d08256d404a80b19729278ab3fc269599e6cb77b54a8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d
9ea7c2f29b8f4c1b6164072d79da13dd6406d09187a5206c5474c9f9334318b1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9a5f8020d2d976993ca43bf1711bf657da6f068c5fddcd75e9ff376775d4599
b1afa58ba922a027077434c3c3d3aaa70dc9c5882d273c3de0ea7fc97663398e
b50ef96cef6f78dd1156d741bcdcbda9a088ce83ebef9249a63bd5f3fa03ee5a
b8c0ce32234af999076b48518b249d477718550593a782e170f159477e8b4265
b98715d41bb216fa96521547a08d9db04c67128d2e99041acfd2e68c2ac78c04
bb90ae25bc4e8bc8f9d066e5c008ea3645b3eb57f21796f05962f366d5660f3f
bc57c02aabb1c4bc81cdc498c641e3967a9d1833f503b5ef6095db70574bc9a3
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
beb2ccb8911b7c7c9156abf015b110499bf3986b53bf825a192d1e0df4c3e227
bfc128a3add548c34f5623ce0f1f40eefb3ae3aba081177d3ff1ee5d0360bef6
c00a8535b763937c292286c9299b54fca92f580417a6356482398f3d23f5d87c
c104ec098bbe63627860a2d0144e9864c4db095e1e4f1e9f38119affa80bc39c
c12560632bd6e8473ca244cc032a18b4b3f1da28ea84a0772024dc3d5c056fa5
c5535bf4ddee264a3eab7d0e18f99f043229d151ac75dbf7ab39e57b0e74941a
c89d77e5b5ae159bd6cc1f87da2cd736646938b20c030f1e839132c8bf7d490a
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a
d0d064a345a0c05ff18118d2e9e4eee543130df09519ae21c96761a8bcbaed40
d46a9debd90977271a6e9e1a694ea9b3fb5feb2d389b66171b589ff62cbe853d
d75561e1329acbfb10dd90ae27ac97aac6d6081e89700a8eaba0ae5ab0156c5f
da5bb33fd1184bb543a8a36943aaf8c0b7100e87cd9cf2a1f4d4c5cd26958746
da7c2c166f4fce0cc82daa3ee2b405a4b4fd19125f3b9d1609bcbb6417310aee
dad794481bab5bfc971375e0bf92ad730a258165e9be322d2d2710f10680d927
dd75b960123815bbf430fdd68ad9fb3a79c42036930bb63c345f224ce2c4c279
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4fcff35e1cf04bf10a3f747e44faa51e2faa214a50a14584af635b5dd69c1d0
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f96052d7564f18170d9e8d6270720c2b95cfc8488e6947baf10dcf87c464455e
fa93666583ba5f3a12b2e178b3f4021e1bbc54eae1ff41528fa62b9d43989516
facf49165907a9bcd1a5af892e895f3926d927f91fb68804011257e9886c4423
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

xn--360giy-0ta.vn Open in urlscan Pro Puny 360giây.vn IDN 103.3.247.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

88 %HTTPS

50 %IPv6

24 Domains

38 Subdomains

20 IPs

8 Countries

2220 kBTransfer

4820 kBSize

25 Cookies

0 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xn--360giy-0ta.vn Open in urlscan Pro Puny
360giây.vn IDN
103.3.247.5 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

88 %
HTTPS

50 %
IPv6

24
Domains

38
Subdomains

20
IPs

8
Countries

2220 kB
Transfer

4820 kB
Size

25
Cookies

171 HTTP transactions
7 data transactions