mayvesinhmienbac.com.vn Open in urlscan Pro
103.21.150.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mayvesinhmienbac.com.vn/
Effective URL:
https://mayvesinhmienbac.com.vn/
Submission: On March 07 via api (March 7th 2023, 2:35:04 am UTC) from US — Scanned from DE

Summary HTTP 207 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 30 IPs in 9 countries across 24 domains to perform 207 HTTP transactions. The main IP is 103.21.150.185, located in Viet Nam and belongs to CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN. The main domain is mayvesinhmienbac.com.vn.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 21st 2022. Valid for: a year.

This is the only time mayvesinhmienbac.com.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	103.21.150.185 103.21.150.185	38732 (CMCTELECO...) (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company)
28	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	103.75.185.69 103.75.185.69	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
8	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
5 7	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3 9	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4 6	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
2	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1 4	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	35.177.30.54 35.177.30.54	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.65.209.188 3.65.209.188	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
2	18.133.166.146 18.133.166.146	16509 (AMAZON-02) (AMAZON-02)
207	30

21 103.21.150.185 (Viet Nam) 1 redirects

ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN)

mayvesinhmienbac.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.75.185.69 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

yenphat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.212.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.102.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.30.54 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-30-54.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.209.188 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-209-188.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.84 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.133.166.146 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-166-146.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	827 KB
42	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 262 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 221779	318 KB
22	gstatic.com fonts.gstatic.com www.gstatic.com	262 KB
21	mayvesinhmienbac.com.vn 1 redirects mayvesinhmienbac.com.vn	784 KB
10	google.com 5 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	1 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	437 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	6 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 35870 hal900012.redintelligence.net — Cisco Umbrella Rank: 282908	69 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 377	4 KB
4	yenphat.com yenphat.com	684 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18601 api.webgains.io — Cisco Umbrella Rank: 51787	31 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	129 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 338	966 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 741 s.tribalfusion.com — Cisco Umbrella Rank: 1813	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8947	696 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 46652	434 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	45 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2856	104 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 40433	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 132014	931 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	615 B
207	24

	Domain	Requested by
47	tpc.googlesyndication.com	googleads.g.doubleclick.net mayvesinhmienbac.com.vn tpc.googlesyndication.com pagead2.googlesyndication.com
30	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net mayvesinhmienbac.com.vn
28	pagead2.googlesyndication.com	mayvesinhmienbac.com.vn pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
21	mayvesinhmienbac.com.vn	1 redirects mayvesinhmienbac.com.vn yenphat.com
13	fonts.gstatic.com	fonts.googleapis.com
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
9	www.gstatic.com	googleads.g.doubleclick.net
9	www.googletagservices.com	googleads.g.doubleclick.net
8	fonts.googleapis.com	mayvesinhmienbac.com.vn googleads.g.doubleclick.net hal900012.redintelligence.net
7	www.google.com	5 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	hal900012.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900012.redintelligence.net
4	yenphat.com	mayvesinhmienbac.com.vn
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com 5994599.fls.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	mayvesinhmienbac.com.vn adv.office-partner.de
2	api.webgains.io	analytics.webgains.io
2	eb2.3lift.com	2 redirects
2	x.bidswitch.net	2 redirects
2	5994599.fls.doubleclick.net	1 redirects mayvesinhmienbac.com.vn
2	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900012.redintelligence.net
2	adservice.google.de	pagead2.googlesyndication.com
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	secure.adnxs.com	1 redirects
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	ssum-sec.casalemedia.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	track.webgains.com	mayvesinhmienbac.com.vn
1	adv.office-partner.de	hal900012.redintelligence.net
1	static.doubleclick.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
207	35

This site contains links to these domains. Also see Links.

Domain
yenphat.com

Subject Issuer	Validity	Valid
mayvesinhmienbac.com.vn Sectigo RSA Domain Validation Secure Server CA	`2022-10-21` - `2023-10-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
yenphat.com R3	`2023-01-08` - `2023-04-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
adv.office-partner.de R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 35 frames:

Primary Page: https://mayvesinhmienbac.com.vn/
Frame ID: 55433A886D554B9011F5456D3ACE1FBE
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html
Frame ID: 1082D2B6F7834FB050C84C3A38EF5CA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=1583899163&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496083&bpp=3&bdt=986&idt=116&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&correlator=5361503642787&frm=20&pv=2&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L9d0sQYDwV&p=https%3A//mayvesinhmienbac.com.vn&dtd=141
Frame ID: 60F60430CAE61FE9922E02C1BCC0C711
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&adk=1812271804&adf=3025194257&lmt=1678156496&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496086&bpp=3&bdt=989&idt=164&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=180
Frame ID: 8ADAF2319C9E18A6841AA30286668674
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189
Frame ID: 8160F3FD938EA20AA70D2033A54120CA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=6200954725&adk=1304420653&adf=635674564&pi=t.ma~as.6200954725&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496090&bpp=1&bdt=993&idt=194&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=kgoVTJFP7P&p=https%3A//mayvesinhmienbac.com.vn&dtd=197
Frame ID: D5A4E147FDD3B492F774A07789D3FF56
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=9437098949&adk=3372793509&adf=3235366628&pi=t.ma~as.9437098949&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496091&bpp=1&bdt=994&idt=200&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271%2C279x600&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=wTQ3B3qzbR&p=https%3A//mayvesinhmienbac.com.vn&dtd=202
Frame ID: 09C056F9E8C8EDC3D1810DFE74B4CAE9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=3271107859&adk=1861359322&adf=1258240622&pi=t.ma~as.3271107859&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496092&bpp=1&bdt=995&idt=204&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=2365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2xztkaDc5V&p=https%3A//mayvesinhmienbac.com.vn&dtd=206
Frame ID: 07C003D5E6A8A4DB4900CFDA488D9DC3
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2834CAE7C33B0ECA55C4B8B8F72807F1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 611867087805B8AE153E8058933FD14B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=240&adk=4155752550&adf=1052737194&pi=t.aa~a.3654940567~rp.4&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&to=qs&pwprc=5454045727&format=279x240&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496828&bpp=1&bdt=1730&idt=1&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe790d84a82624dc-225380ba45dd0009%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew&gpic=UID%3D00000bc125e457ae%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600%2C279x600&nras=2&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=4393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=aNm17ttfsZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=14
Frame ID: 5E4BCEDC087BDF9270C1B3768B297DAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DE82B185F4B41F53515515BD4EAE9675
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2DEAA3B78BB68C94ADE8A252EC0733FF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Frame ID: F3C11BD9BD9927DF311C16DA53FECE66
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Frame ID: EA1693BC049B5728CA25F94529E5AA4E
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: E2A309DC2BF6494C2637FC04AD8F92CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: 1E589097A5F10CBAEA59768127642F01
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: 6D35DF123CBCE69CB483973F5CB21F54
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: ADC42380CAAA318FE8D15E3C40EE4687
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiq5LvGATAB&v=APEucNUo3YEA-D6pVsgB5lFHufs8myx04MsE8BmIL_VJ6xlng0-B6MP7RUZJdUvJLqnDmF09HjAAJd05YPRPj-QiExYBsLnDDCYXBkoaPo2f8oBQjcWVOtCUAWRJlVdHWeldXy5DaDyBlAk3f-bUvpAF4IHaYipA0gXMHa_qaq3pEXLXciXYx2Q
Frame ID: 2CB84B486026522A7305807B3435DB19
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FD16C1F3FC2882502D3E0FC4A571E4EF
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: 32F8C204CE2707E07F48E25BF7CD323A
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 835FB8DB61AB164DCD97F0E8B483DC63
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 138FB44AB623E32269C0D17482A0CE2B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: A3E6FDD622188B9C768875337BDB21AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 393A07DCB97F8D026C2FB62E2042E1E9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: CC6C08B5B38F4A1EE8A76F8DBB8F275F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4FEDD9F7A20F1E58E8680DD2AE5D6E31
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: F9F583826BA25EFC26E524CC983363D9
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 72F097508046B78F66AF77597723737A
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COH514_kyP0CFQng1QodaIEIZw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3087761564305.6157
Frame ID: 933995B03774AAB63C01199B80B74A1F
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=92521700008260104444992012256012&a=42d28485
Frame ID: 63BBC364C133B71B388211E8F6E9E244
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C0650F2C46B11532EC3A9AC48F6014D7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 90F9C3DC68D0323CB1251ECDB807C5A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 97C11DC03189E47CFD67322DA84F14DD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Máy vệ sinh công nghiệp Miền Bắc

Page URL History Show full URLs

http://mayvesinhmienbac.com.vn/ HTTP 302
https://mayvesinhmienbac.com.vn/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

207
Requests

95 %
HTTPS

50 %
IPv6

24
Domains

35
Subdomains

30
IPs

9
Countries

3571 kB
Transfer

7544 kB
Size

21
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://yenphat.com/url?q=aHR0cHM6Ly95ZW5waGF0LnZuL21heS1ib20tcnVhLXhlLmh0bWw/dXRtX3NvdXJjZT0mdXRtX21lZGl1bT1iYW5uZXI=

Search URL Search Domain Scan URL

URL: https://yenphat.com/url?q=aHR0cHM6Ly95ZW5waGF0LnZuL3RoYXAtZ2lhaS1uaGlldC5odG1sP3V0bV9zb3VyY2U9JnV0bV9tZWRpdW09YmFubmVy

Search URL Search Domain Scan URL

URL: https://yenphat.com/url?q=aHR0cHM6Ly95ZW5waGF0LnZuL3hlLXF1ZXQtZHVvbmcuaHRtbD91dG1fc291cmNlPSZ1dG1fbWVkaXVtPWJhbm5lcg==

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mayvesinhmienbac.com.vn/ HTTP 302
https://mayvesinhmienbac.com.vn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLywlWlQXbsUbttOAG77iw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLywlWlQXbsUbttOAG77iw&google_cver=1&C=1

Request Chain 147

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAai0ekePU2q5OLn.4nLzQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLywlWlQXbsUbttOAG77iw&google_cver=1&google_hm=2

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHsEYa5MvYSZXb4eS5cgKYM&google_cver=1

Request Chain 149

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3NTgxMjc5Njk4NzU2NzMxOA%3D%3D

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 175

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 178

https://hal900012.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=52a991e2a1&subid=&uid=8426546f3311e05f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdG8D0KIGZOSkNci1gQfopaeoBablvaBppZGcp8kP8C4QASDqxo2BAWCVgoCArAfIAQmpAkUmxbd06bE-qAMBqgSCAk_QBpfBdIFIoiaYPlv95A-LG10zE7rMXpqKHzFkwO_hJv0Pv81qLW4arKxLVCOHJU_A9hW-7CmaqDHrHUyO4N4dSnFfp_Abn0sts7Nso5LOeti7ns8a-jftuh-dxPKIgaMXRqFP8A_zFTUs9qeFQU36suD5MzCh--m9IJmd_NBVvS5LKvkHWq93VddIjJeI0ebZpPCgYivo9N3ONN4LpRq6YTz-xAMz8y64o10N67WAiL6i_zoOH3doYxdxWsFge3uLPgBzowh9J9JPa-WizVFyVvk-q70mpvOcC-Ol20ha74gf8Lkavw6GkZXxGqYVVE_llSuSTAvssUgb27qp2GvEKcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADUE5ymkyr1Wtez811-2TneJygKFEdqBknciOTnEZNymAzzxpEYNlIyiiFko_pgsdWOkXKIJxIlbSIjeRgB%26sig%3DAOD64_3Jbp-77ymr6LVEXTklJ3betJEWoA%26client%3Dca-pub-2805726716437986%26dbm_c%3DAKAmf-C-6gV9gPU6ok4ZXJ7E99QZ7hhGrNNTFZ5WAzAYZo3PVlVJ6VM77e5Ww8hcJsFFNeXtmLrUEnJLVk5-f17yH6m8L-OlvmnXivqzTVkf1VdCBikbZUB9kXk02pcsJg5NZdndhwgDU5lgXIRTWhtZuNzhXqjqtlufnCdQuZ_ilJ0o4g7eNsk%26cry%3D1%26dbm_d%3DAKAmf-CM8DWytZ4YKQWfiI7LHFzBIRQBVFyjrsGt-Jf1mu9EhNYPxakyfZVBLrDtq6-6KqU7KIAm7704W7waf-WNBfdC9Ebm5P1x5dJA0h0QgeAcH9SzGY8EZhs6daeYjO4v7_hBCu2tok6ScnyWoMN220HARRzAbExfubWAshOBiZqabVuxZbDJAlhjBs5880y6ABWn72T5RVs9kAfQLOsDJaUcQf16TZfZqPS4LHs3MSIL6fTsgUSEArsjzMLPQgkraR8YIGsz4djoDuRf5C5rkJZeHnBjJHdgxKGO4rO2Q08tNP08eJC8zHItJaZ7VroIORTysGbzdbATJVAkCbCPx15--yK9m32J2FxuYA0seesggaOsQSy5a0syPPPfuzFJnm7yE9nOiuoILYJW0yDL_c4pzPWNwOwRUU2D78ZtItafgzN18BY7BsDl9jvy5aYppweP4kGyuSHL0Eu5nEkONX6zj5wfVbjteONAkCi_1udCXaw9os7zTNTC8nxYESAdL2H4QGNcEtOL7v4NsuZljYWvQXdnmTWRT0PRsv_YOeGi6zFtPGI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2805726716437986%26output%3Dhtml%26h%3D240%26adk%3D4155752550%26adf%3D1052737194%26pi%3Dt.aa~a.3654940567~rp.4%26w%3D279%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678156496%26rafmt%3D1%26to%3Dqs%26pwprc%3D5454045727%26format%3D279x240%26url%3Dhttps%253A%252F%252Fmayvesinhmienbac.com.vn%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678156496828%26bpp%3D1%26bdt%3D1730%26idt%3D1%26shv%3Dr20230302%26mjsv%3Dm202302230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dfe790d84a82624dc-225380ba45dd0009%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew%26gpic%3DUID%253D00000bc125e457ae%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA%26prev_fmts%3D711x271%252C0x0%252C711x271%252C279x600%252C279x600%252C279x600%26nras%3D2%26correlator%3D5361503642787%26frm%3D20%26pv%3D1%26ga_vid%3D690880222.1678156496%26ga_sid%3D1678156496%26ga_hid%3D242060656%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1046%26ady%3D4393%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44777876%252C44759842%252C31072714%26oid%3D2%26pvsid%3D125920033919632%26tmod%3D1687010401%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3DaNm17ttfsZ%26p%3Dhttps%253A%2F%2Fmayvesinhmienbac.com.vn%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fmayvesinhmienbac.com.vn&random=3042352052094&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900012.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=52a991e2a1&subid=&uid=8426546f3311e05f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdG8D0KIGZOSkNci1gQfopaeoBablvaBppZGcp8kP8C4QASDqxo2BAWCVgoCArAfIAQmpAkUmxbd06bE-qAMBqgSCAk_QBpfBdIFIoiaYPlv95A-LG10zE7rMXpqKHzFkwO_hJv0Pv81qLW4arKxLVCOHJU_A9hW-7CmaqDHrHUyO4N4dSnFfp_Abn0sts7Nso5LOeti7ns8a-jftuh-dxPKIgaMXRqFP8A_zFTUs9qeFQU36suD5MzCh--m9IJmd_NBVvS5LKvkHWq93VddIjJeI0ebZpPCgYivo9N3ONN4LpRq6YTz-xAMz8y64o10N67WAiL6i_zoOH3doYxdxWsFge3uLPgBzowh9J9JPa-WizVFyVvk-q70mpvOcC-Ol20ha74gf8Lkavw6GkZXxGqYVVE_llSuSTAvssUgb27qp2GvEKcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADUE5ymkyr1Wtez811-2TneJygKFEdqBknciOTnEZNymAzzxpEYNlIyiiFko_pgsdWOkXKIJxIlbSIjeRgB%26sig%3DAOD64_3Jbp-77ymr6LVEXTklJ3betJEWoA%26client%3Dca-pub-2805726716437986%26dbm_c%3DAKAmf-C-6gV9gPU6ok4ZXJ7E99QZ7hhGrNNTFZ5WAzAYZo3PVlVJ6VM77e5Ww8hcJsFFNeXtmLrUEnJLVk5-f17yH6m8L-OlvmnXivqzTVkf1VdCBikbZUB9kXk02pcsJg5NZdndhwgDU5lgXIRTWhtZuNzhXqjqtlufnCdQuZ_ilJ0o4g7eNsk%26cry%3D1%26dbm_d%3DAKAmf-CM8DWytZ4YKQWfiI7LHFzBIRQBVFyjrsGt-Jf1mu9EhNYPxakyfZVBLrDtq6-6KqU7KIAm7704W7waf-WNBfdC9Ebm5P1x5dJA0h0QgeAcH9SzGY8EZhs6daeYjO4v7_hBCu2tok6ScnyWoMN220HARRzAbExfubWAshOBiZqabVuxZbDJAlhjBs5880y6ABWn72T5RVs9kAfQLOsDJaUcQf16TZfZqPS4LHs3MSIL6fTsgUSEArsjzMLPQgkraR8YIGsz4djoDuRf5C5rkJZeHnBjJHdgxKGO4rO2Q08tNP08eJC8zHItJaZ7VroIORTysGbzdbATJVAkCbCPx15--yK9m32J2FxuYA0seesggaOsQSy5a0syPPPfuzFJnm7yE9nOiuoILYJW0yDL_c4pzPWNwOwRUU2D78ZtItafgzN18BY7BsDl9jvy5aYppweP4kGyuSHL0Eu5nEkONX6zj5wfVbjteONAkCi_1udCXaw9os7zTNTC8nxYESAdL2H4QGNcEtOL7v4NsuZljYWvQXdnmTWRT0PRsv_YOeGi6zFtPGI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2805726716437986%26output%3Dhtml%26h%3D240%26adk%3D4155752550%26adf%3D1052737194%26pi%3Dt.aa~a.3654940567~rp.4%26w%3D279%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678156496%26rafmt%3D1%26to%3Dqs%26pwprc%3D5454045727%26format%3D279x240%26url%3Dhttps%253A%252F%252Fmayvesinhmienbac.com.vn%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678156496828%26bpp%3D1%26bdt%3D1730%26idt%3D1%26shv%3Dr20230302%26mjsv%3Dm202302230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dfe790d84a82624dc-225380ba45dd0009%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew%26gpic%3DUID%253D00000bc125e457ae%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA%26prev_fmts%3D711x271%252C0x0%252C711x271%252C279x600%252C279x600%252C279x600%26nras%3D2%26correlator%3D5361503642787%26frm%3D20%26pv%3D1%26ga_vid%3D690880222.1678156496%26ga_sid%3D1678156496%26ga_hid%3D242060656%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1046%26ady%3D4393%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44777876%252C44759842%252C31072714%26oid%3D2%26pvsid%3D125920033919632%26tmod%3D1687010401%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3DaNm17ttfsZ%26p%3Dhttps%253A%2F%2Fmayvesinhmienbac.com.vn%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fmayvesinhmienbac.com.vn&random=3042352052094&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 189

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3087761564305.6157 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=COH514_kyP0CFQng1QodaIEIZw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3087761564305.6157

Request Chain 196

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDoi-8N6drC4d0WScAX2RkI&google_cver=1&google_push=Aa02lx977itK82OM8KUBN5OWnDHKfqGpaP5DbIz7vcvT1JOU6gL6AWx0TP7Yj4AuJOagijxj2txE1u7e-XH6WYcw8Vyz7Uoqd5J9BCM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx977itK82OM8KUBN5OWnDHKfqGpaP5DbIz7vcvT1JOU6gL6AWx0TP7Yj4AuJOagijxj2txE1u7e-XH6WYcw8Vyz7Uoqd5J9BCM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDoi-8N6drC4d0WScAX2RkI&google_cver=1&google_push=Aa02lx977itK82OM8KUBN5OWnDHKfqGpaP5DbIz7vcvT1JOU6gL6AWx0TP7Yj4AuJOagijxj2txE1u7e-XH6WYcw8Vyz7Uoqd5J9BCM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx977itK82OM8KUBN5OWnDHKfqGpaP5DbIz7vcvT1JOU6gL6AWx0TP7Yj4AuJOagijxj2txE1u7e-XH6WYcw8Vyz7Uoqd5J9BCM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 197

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKEKG4y4fVHZnHB-XQtREOc&google_cver=1&google_push=Aa02lx-2Y_GSg_RjZhiGqRRuozTwEJs9e9nPedeBNlotZy97EPK9XV5Y8JlpYplwUoqB8OMBO0NENz8FTKxafE6rjfCrfanPv9T8z8s HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKEKG4y4fVHZnHB-XQtREOc&google_cver=1&google_push=Aa02lx-2Y_GSg_RjZhiGqRRuozTwEJs9e9nPedeBNlotZy97EPK9XV5Y8JlpYplwUoqB8OMBO0NENz8FTKxafE6rjfCrfanPv9T8z8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-2Y_GSg_RjZhiGqRRuozTwEJs9e9nPedeBNlotZy97EPK9XV5Y8JlpYplwUoqB8OMBO0NENz8FTKxafE6rjfCrfanPv9T8z8s&google_hm=PzcyOhTlRgWhQbwJ9_P3Zw==

Request Chain 198

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECnt1MR3YDsLmnXm07DUIVE&google_cver=1&google_push=Aa02lx-MRTZ_8iyqF_-X_l1mEnZoIIz10mo91eZgiPqz4yMbTA609-78bJQlz6yCCLf_4p01mDSlkWqna-UlZXA4NusQZTp980YExonN HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECnt1MR3YDsLmnXm07DUIVE&google_hm=ZAai0ekePU2q5OLn-4nLzQAACLIAAAAB&google_nid=index&google_push=Aa02lx-MRTZ_8iyqF_-X_l1mEnZoIIz10mo91eZgiPqz4yMbTA609-78bJQlz6yCCLf_4p01mDSlkWqna-UlZXA4NusQZTp980YExonN

Request Chain 199

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEILBtrA2T63WBINZRjywW8M&google_cver=1&google_push=Aa02lx_WhkVh9JlosZx9JHcDy2RJhMRFnMkxTLVzdcTCZ_UfVGF8QzVj28xVImc_M9R89soFZF4HQnM6YYpoQyxKso-czCDkBMBgCgxv HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_WhkVh9JlosZx9JHcDy2RJhMRFnMkxTLVzdcTCZ_UfVGF8QzVj28xVImc_M9R89soFZF4HQnM6YYpoQyxKso-czCDkBMBgCgxv&google_gid=CAESEILBtrA2T63WBINZRjywW8M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUwMzkwMDA4MzQzNDQ0ODQxNjk5NA%3D%3D&google_push=Aa02lx_WhkVh9JlosZx9JHcDy2RJhMRFnMkxTLVzdcTCZ_UfVGF8QzVj28xVImc_M9R89soFZF4HQnM6YYpoQyxKso-czCDkBMBgCgxv

Request Chain 201

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDOVnEo7dTOO6Nz0bel6azU&google_cver=1&google_push=Aa02lx9sm_HBqhq6WbE_RAJDcvFIgXUPZyHxmuGs2_1YKYnwTa5u2kudAjP9YZOwZlYL05rKX84pt2zl49zaLOyj2ZF5s6bFHs71aWoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ3NTgxMjc5Njk4NzU2NzMxOA%3D%3D&google_gid=CAESEDOVnEo7dTOO6Nz0bel6azU&google_cver=1&google_push=Aa02lx9sm_HBqhq6WbE_RAJDcvFIgXUPZyHxmuGs2_1YKYnwTa5u2kudAjP9YZOwZlYL05rKX84pt2zl49zaLOyj2ZF5s6bFHs71aWoA

207 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mayvesinhmienbac.com.vn/
Redirect Chain

http://mayvesinhmienbac.com.vn/
https://mayvesinhmienbac.com.vn/

61 KB
11 KB

667ms
227ms

Document
text/html

103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.3.30
Resource Hash: 3aa87688779f05f672cc70204a5302e9008ce10eeb012c9bba17afa2b9626463

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 07 Mar 2023 02:34:54 GMT
etag: "2851448-1677917398;br"
link: <https://mayvesinhmienbac.com.vn/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-litespeed-cache: hit
x-powered-by: PHP/7.3.30

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 593
Content-Type: text/html
Date: Tue, 07 Mar 2023 02:34:54 GMT
Location: https://mayvesinhmienbac.com.vn/
Server: LiteSpeed
Vary: User-Agent

GET
H2 200 webfontloader.min.js Show response
mayvesinhmienbac.com.vn/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 217ms
217ms Script
application/javascript 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mayvesinhmienbac.com.vn/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:55 GMT
content-encoding: br
last-modified: Tue, 08 Feb 2022 07:45:58 GMT
server: LiteSpeed
etag: "2f42-62021fb6-c9fcec9edc2ff4ee;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 4651
expires: Thu, 06 Apr 2023 02:34:55 GMT

GET
H2 200 ca3c344e9a6020fd3e2f07bfef41394e.css
mayvesinhmienbac.com.vn/wp-content/litespeed/css/ 562 KB
73 KB 433ms
433ms Stylesheet
text/css 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mayvesinhmienbac.com.vn/wp-content/litespeed/css/ca3c344e9a6020fd3e2f07bfef41394e.css?ver=d6124
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e241cfe6c348347220744675648b624fb58271c3821dc2e41c3aebe51f028b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:55 GMT
content-encoding: br
last-modified: Thu, 09 Feb 2023 06:55:04 GMT
server: LiteSpeed
etag: "8c79e-63e498c8-4c1b45ac5f91f398;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 74451
expires: Thu, 06 Apr 2023 02:34:55 GMT

GET
H2 200 jquery.min.js Show response
mayvesinhmienbac.com.vn/wp-includes/js/jquery/ 87 KB
30 KB 631ms
628ms Script
application/javascript 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mayvesinhmienbac.com.vn/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:55 GMT
content-encoding: br
last-modified: Thu, 08 Jul 2021 00:53:40 GMT
server: LiteSpeed
etag: "15d98-60e64c94-f613b31c579902a9;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 30314
expires: Thu, 06 Apr 2023 02:34:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 98ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f96e6ccf4a8d156fea525f514439cfed7d67226f712d49e2e0e6c08673086543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48748
x-xss-protection: 0
server: cafe
etag: 17166502853341813518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 67ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-219747095-1

Requested by

Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db38d633fae5c82407b891da923a4a0a657fd7bcf2798f15c55b82977aeef864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44771
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 01:14:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Mar 2023 02:34:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 85ms
45ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-250290217-1

Requested by

Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0b4165e30b8421804de045a05492167d10fb1a96a5349ade4cb9642c4d87aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44769
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 01:14:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Mar 2023 02:34:55 GMT

GET
H2 200 khu-du-lich-son-tien-khai-truong1-50x50.jpg
mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/ 2 KB
2 KB 846ms
843ms Image
image/jpeg 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/khu-du-lich-son-tien-khai-truong1-50x50.jpg
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: bcc4f890992ae9f7d37371fc3bd8838e05143bbd0db454e81f56249819750a20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:55 GMT
last-modified: Sat, 04 Mar 2023 07:39:32 GMT
server: LiteSpeed
etag: "6bb-6402f5b4-a14cff06a06ced05;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 1723
expires: Thu, 06 Apr 2023 02:34:55 GMT

GET
H2 200 khu-du-lich-son-tien-dong-nai-50x50.jpg
mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/ 2 KB
2 KB 846ms
844ms Image
image/jpeg 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/khu-du-lich-son-tien-dong-nai-50x50.jpg
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d577e2c118ad3e54b702d887724897cbccdcb9f0db279f0c94ba1e87d1c58007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:55 GMT
last-modified: Sat, 04 Mar 2023 07:06:46 GMT
server: LiteSpeed
etag: "6b6-6402ee06-d3de613b428ecb8d;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 1718
expires: Thu, 06 Apr 2023 02:34:55 GMT

GET
H2 200 khu-du-lich-vuon-xoai-50x50.jpg
mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/ 2 KB
2 KB 847ms
845ms Image
image/jpeg 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/khu-du-lich-vuon-xoai-50x50.jpg
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: b7dcf3670292ce9bf2bdddcb790a215580b1ce620e52b22c325d342708ade4e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:55 GMT
last-modified: Thu, 02 Mar 2023 09:01:02 GMT
server: LiteSpeed
etag: "71f-640065ce-87245cd45325d134;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 1823
expires: Thu, 06 Apr 2023 02:34:55 GMT

GET
H2 200 cropped-1_Primary_logo_on_transparent_148x73-1.png
mayvesinhmienbac.com.vn/wp-content/uploads/2018/07/ 5 KB
5 KB 848ms
846ms Image
image/png 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mayvesinhmienbac.com.vn/wp-content/uploads/2018/07/cropped-1_Primary_logo_on_transparent_148x73-1.png
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 26d3bbbb283ce5b0940bd4810becf70d1a151d7fa468917be5b7334f965497d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:55 GMT
last-modified: Thu, 02 Aug 2018 07:53:21 GMT
server: LiteSpeed
etag: "13a4-5b62b871-bd806857c778232;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 5028
expires: Thu, 06 Apr 2023 02:34:55 GMT

GET
H2 200 banner.min.js Show response
yenphat.com/scripts/ 8 KB
3 KB 2475ms
238ms Script
application/javascript 103.75.185.69
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://yenphat.com/scripts/banner.min.js?ver=1881123480
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.75.185.69 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 205ca3af2fc80977150617e07a3a7013b51381fcfbeef969f8dcf179c73a7309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:57 GMT
content-encoding: br
last-modified: Wed, 21 Jul 2021 03:18:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2616
expires: Tue, 14 Mar 2023 02:34:57 GMT

GET
H2 200 a0aa7c93e1a023181faf3e072bdc0eea.js Show response
mayvesinhmienbac.com.vn/wp-content/litespeed/js/ 138 KB
36 KB 849ms
847ms Script
application/javascript 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mayvesinhmienbac.com.vn/wp-content/litespeed/js/a0aa7c93e1a023181faf3e072bdc0eea.js?ver=d6124
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 42bf036bd50a9c8c48c7c7be3f0dd80d471351efd0433dee1e0e504317320c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:55 GMT
content-encoding: br
last-modified: Thu, 09 Feb 2023 06:55:50 GMT
server: LiteSpeed
etag: "226c9-63e498f6-46f9022c62b6c098;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 36958
expires: Thu, 06 Apr 2023 02:34:55 GMT

GET
DATA 200
OK truncated Show response
/ 226 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d74d6d7e30ddcf084adc7687a2b1c97ef0da4213ca2a4aefaba8cafacccdf517

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e67dcd83066d9689fee5822bdbba52ea96d309d76e5c6c3904fdef2e53b85840

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 138 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d2b202e7f1a9355e3bbda5cbaa1d3dcb2c842ae9463e64692c69a33858a879a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 134 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43e2af1dc755343b261295b69c2080688ae4ad9d7f96601498e64a65cd29a2dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 134 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22dbf3b0efbd1a2d48320a266e28230ef15cbd47de5f1542d13905b804bf9275

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 45 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 254 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b967fae86c5b5ce1ba7c560983e97353f23e3d196c45b1782a175a9029276f52

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 121 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c961c13ec5b0b257ee7049bdeb1078def025e3ee6c02ca609b6a45e2ca48056f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 235 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd64bc7bfe94a1ac43581bc1cae95116f632b9acd2a679365c39ab88d0f34373

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 104 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eddeff7a157e6dd0fef737ca332d3bdc613541be3e7d73843dc4ed8c87ea87d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 263 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4a8925736a6d04e3a3659bdadfbd2c5f9f8bcac0fc1d03237488dd92b9c511a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 fa-solid-900.woff2
mayvesinhmienbac.com.vn/wp-content/themes/elegant-magazine/assets/font-awesome-v5/webfonts/ 39 KB
39 KB 218ms
217ms Font
font/woff2 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mayvesinhmienbac.com.vn/wp-content/themes/elegant-magazine/assets/font-awesome-v5/webfonts/fa-solid-900.woff2
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/wp-content/litespeed/css/ca3c344e9a6020fd3e2f07bfef41394e.css?ver=d6124
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Request headers

Referer: https://mayvesinhmienbac.com.vn/wp-content/litespeed/css/ca3c344e9a6020fd3e2f07bfef41394e.css?ver=d6124
Origin: https://mayvesinhmienbac.com.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
last-modified: Wed, 25 Jul 2018 08:24:30 GMT
server: LiteSpeed
etag: "9cd4-5b5833be-c5f496d0b98b8754;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 40148
expires: Thu, 06 Apr 2023 02:34:56 GMT

GET
H2 200 khu-du-lich-son-tien-khai-truong1.jpg
mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/ 88 KB
88 KB 224ms
217ms Image
image/jpeg 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/khu-du-lich-son-tien-khai-truong1.jpg
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 36f9dc40578c04de097cd3ef212dfadbc26ec2feed2f88b20964ad75ed9dc872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
last-modified: Sat, 04 Mar 2023 07:39:22 GMT
server: LiteSpeed
etag: "16104-6402f5aa-f8ddca59aa74c6aa;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 90372
expires: Thu, 06 Apr 2023 02:34:56 GMT

GET
H2 200 khu-du-lich-son-tien-dong-nai.jpg
mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/ 124 KB
125 KB 410ms
403ms Image
image/jpeg 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/khu-du-lich-son-tien-dong-nai.jpg
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 59095fb8a570b06f177ea040f7ba9e97a74b893bae4c69e485b6347a2f3843c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
last-modified: Sat, 04 Mar 2023 07:06:37 GMT
server: LiteSpeed
etag: "1f1ed-6402edfd-238b521deebbefe3;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 127469
expires: Thu, 06 Apr 2023 02:34:56 GMT

GET
H2 200 khu-du-lich-vuon-xoai.jpg
mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/ 118 KB
118 KB 448ms
441ms Image
image/jpeg 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mayvesinhmienbac.com.vn/wp-content/uploads/2023/03/khu-du-lich-vuon-xoai.jpg
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f41fbe6e7af5d6559e63dc7bb6f8e98093a9bb67ce29e200d9c2508d66041b12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
last-modified: Thu, 02 Mar 2023 09:00:16 GMT
server: LiteSpeed
etag: "1d6f0-640065a0-34e784eabc455c98;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 120560
expires: Thu, 06 Apr 2023 02:34:56 GMT

GET
H2 200 khu-du-lich-suoi-mo-bac-giang.jpg
mayvesinhmienbac.com.vn/wp-content/uploads/2023/02/ 129 KB
129 KB 624ms
617ms Image
image/jpeg 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mayvesinhmienbac.com.vn/wp-content/uploads/2023/02/khu-du-lich-suoi-mo-bac-giang.jpg
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7ad1b1b7a6f9577b60cb8e660d33d7477a797762ae1f5195ec31ce46df96eb3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
last-modified: Wed, 22 Feb 2023 07:46:07 GMT
server: LiteSpeed
etag: "202f2-63f5c83f-6755607864649202;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 131826
expires: Thu, 06 Apr 2023 02:34:56 GMT

GET
H2 200 khu-du-lich-suoi-mo-ha-noi.jpg
mayvesinhmienbac.com.vn/wp-content/uploads/2023/02/ 113 KB
113 KB 619ms
618ms Image
image/jpeg 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mayvesinhmienbac.com.vn/wp-content/uploads/2023/02/khu-du-lich-suoi-mo-ha-noi.jpg
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 689a97639bd9ebfaad3542753b24340111c7ff14a9bc03db98208e8f0cedd629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
last-modified: Wed, 22 Feb 2023 07:09:36 GMT
server: LiteSpeed
etag: "1c224-63f5bfb0-fa5781043d7db148;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 115236
expires: Thu, 06 Apr 2023 02:34:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 70ms
32ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Andada%7COswald:300,400,700%7CSource+Sans+Pro:400,400i,700,700i&subset=latin,latin-ext,latin,latin-ext

Requested by

Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d28d21087462a24f07e540b28366958d068f99b52ce995eafad0c7e8cc2c55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 02:34:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H2 200 wp-emoji-release.min.js Show response
mayvesinhmienbac.com.vn/wp-includes/js/ 14 KB
4 KB 608ms
608ms Script
application/javascript 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mayvesinhmienbac.com.vn/wp-includes/js/wp-emoji-release.min.js?ver=5.7.4
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: br
last-modified: Thu, 08 Jul 2021 00:53:41 GMT
server: LiteSpeed
etag: "3795-60e64c95-2ebce85fdec22e71;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 4323
expires: Thu, 06 Apr 2023 02:34:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/ Frame 1082 10 KB
5 KB 52ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 22:05:37 GMT
etag: 2378337311435320485
expires: Mon, 20 Mar 2023 22:05:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
14ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-219747095-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Mar 2023 00:43:15 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6701
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 07 Mar 2023 02:43:15 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/ 361 KB
119 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2805726716437986&plah=mayvesinhmienbac.com.vn&bust=31072714

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cce85ee52825effa5cdf1a943a527902fb43430bc7a46ae562e304aaf0ccc74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121819
x-xss-protection: 0
server: cafe
etag: 12633090369636725431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H2 200 uK_y4riWaego3w9hDRcS.woff2
fonts.gstatic.com/s/andada/v19/ 12 KB
12 KB 53ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/andada/v19/uK_y4riWaego3w9hDRcS.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Andada%7COswald:300,400,700%7CSource+Sans+Pro:400,400i,700,700i&subset=latin,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e5c3c7e99b29b42d5602f64cc62801a3ee8ef9b7a59c3ae8941fe0fb5aefa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mayvesinhmienbac.com.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:31:32 GMT
x-content-type-options: nosniff
age: 331404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:17:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 06:31:32 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 68ms
30ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Andada%7COswald:300,400,700%7CSource+Sans+Pro:400,400i,700,700i&subset=latin,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mayvesinhmienbac.com.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 08:58:53 GMT
x-content-type-options: nosniff
age: 495363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 08:58:53 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 75ms
37ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Andada%7COswald:300,400,700%7CSource+Sans+Pro:400,400i,700,700i&subset=latin,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mayvesinhmienbac.com.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 439560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:28:56 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 55ms
17ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Andada%7COswald:300,400,700%7CSource+Sans+Pro:400,400i,700,700i&subset=latin,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mayvesinhmienbac.com.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:08:16 GMT
x-content-type-options: nosniff
age: 484000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 12:08:16 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 64ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Andada%7COswald:300,400,700%7CSource+Sans+Pro:400,400i,700,700i&subset=latin,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mayvesinhmienbac.com.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:51:45 GMT
x-content-type-options: nosniff
age: 304991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 13:51:45 GMT

GET
H2 200 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 77ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Andada%7COswald:300,400,700%7CSource+Sans+Pro:400,400i,700,700i&subset=latin,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce6b49ca9fc6bce7548c2f246f67d66f98722c0c626c2256a40473c79f817c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mayvesinhmienbac.com.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:29:18 GMT
x-content-type-options: nosniff
age: 439538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12612
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:08:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:29:18 GMT

GET
H2 200 uK_y4riWaego3w9hAxcSAv4.woff2
fonts.gstatic.com/s/andada/v19/ 6 KB
7 KB 74ms
42ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/andada/v19/uK_y4riWaego3w9hAxcSAv4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Andada%7COswald:300,400,700%7CSource+Sans+Pro:400,400i,700,700i&subset=latin,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eeecc06a84d03749f59ae5281c9377d23a5b9d636ae11ef13ef5cd864b2a6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mayvesinhmienbac.com.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:35:59 GMT
x-content-type-options: nosniff
age: 421137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6600
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:02:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 05:35:59 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
212 B 18ms
18ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=242060656&t=pageview&_s=1&dl=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&ul=en-us&de=UTF-8&dt=M%C3%A1y%20v%E1%BB%87%20sinh%20c%C3%B4ng%20nghi%E1%BB%87p%20Mi%E1%BB%81n%20B%E1%BA%AFc&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=896067151&gjid=677655590&cid=690880222.1678156496&tid=UA-219747095-1&_gid=279984574.1678156496&_r=1&gtm=457e3310&z=1321084940

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mayvesinhmienbac.com.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mayvesinhmienbac.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 18ms
18ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=242060656&t=pageview&_s=1&dl=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&ul=en-us&de=UTF-8&dt=M%C3%A1y%20v%E1%BB%87%20sinh%20c%C3%B4ng%20nghi%E1%BB%87p%20Mi%E1%BB%81n%20B%E1%BA%AFc&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=755721417&gjid=2092990408&cid=690880222.1678156496&tid=UA-250290217-1&_gid=279984574.1678156496&_r=1&gtm=457e3310&z=90353744

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mayvesinhmienbac.com.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mayvesinhmienbac.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 413 B
615 B 128ms
49ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mayvesinhmienbac.com.vn&callback=_gfp_s_&client=ca-pub-2805726716437986

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2805726716437986&plah=mayvesinhmienbac.com.vn&bust=31072714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63c8cad4aea56abaa379c78ebfe344922a931ca8a6f7fc42174302023b47596b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 91ms
34ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mayvesinhmienbac.com.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 61ms
22ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mayvesinhmienbac.com.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 60F6 114 KB
37 KB 333ms
332ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=1583899163&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496083&bpp=3&bdt=986&idt=116&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&correlator=5361503642787&frm=20&pv=2&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L9d0sQYDwV&p=https%3A//mayvesinhmienbac.com.vn&dtd=141

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cac19c5c2f3762a4c1bb92df66ea7542882ffb16a7ccf3020383dba6ebb3fe88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:56 GMT
expires: Tue, 07 Mar 2023 02:34:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8ADA 439 KB
89 KB 385ms
385ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&adk=1812271804&adf=3025194257&lmt=1678156496&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496086&bpp=3&bdt=989&idt=164&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=180

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f6840fc8c8bfb0b577762ec2022cff337644ac9aab2a4cd0aede1e4c0186c3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 91164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:56 GMT
expires: Tue, 07 Mar 2023 02:34:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8160 112 KB
37 KB 302ms
301ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c268ad839371ae6f0f02e145201effeb74c011cd89a3ad01383e216280859882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37650
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:56 GMT
expires: Tue, 07 Mar 2023 02:34:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D5A4 105 KB
37 KB 426ms
425ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=6200954725&adk=1304420653&adf=635674564&pi=t.ma~as.6200954725&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496090&bpp=1&bdt=993&idt=194&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=kgoVTJFP7P&p=https%3A//mayvesinhmienbac.com.vn&dtd=197

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61e9244034aa1a19ac32a5b49ecef346a0554ae76eca726226ab5ce6644676e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37534
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:56 GMT
expires: Tue, 07 Mar 2023 02:34:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 09C0 96 KB
34 KB 347ms
346ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=9437098949&adk=3372793509&adf=3235366628&pi=t.ma~as.9437098949&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496091&bpp=1&bdt=994&idt=200&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271%2C279x600&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=wTQ3B3qzbR&p=https%3A//mayvesinhmienbac.com.vn&dtd=202

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849d62eb57f223b0b89a504b9b90f386fe90ae86f9c0c7e70975365c522ac3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34972
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:56 GMT
expires: Tue, 07 Mar 2023 02:34:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 07C0 104 KB
36 KB 346ms
346ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=3271107859&adk=1861359322&adf=1258240622&pi=t.ma~as.3271107859&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496092&bpp=1&bdt=995&idt=204&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=2365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2xztkaDc5V&p=https%3A//mayvesinhmienbac.com.vn&dtd=206

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

164db9f4ee245a9eba4e76b41e1a569f09265d90caa5d4dcc0048be833743c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36615
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:56 GMT
expires: Tue, 07 Mar 2023 02:34:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 60F6 6 KB
745 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=1583899163&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496083&bpp=3&bdt=986&idt=116&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&correlator=5361503642787&frm=20&pv=2&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L9d0sQYDwV&p=https%3A//mayvesinhmienbac.com.vn&dtd=141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 00:38:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 60F6 36 KB
14 KB 56ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc501f0d6eb72a8bba9836e0c49735c0e9c369a49456d33b1fc9ef91c6841924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14314
x-xss-protection: 0
server: cafe
etag: 3208470295077409611
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:51:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60F6 158 KB
49 KB 90ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 60F6 22 KB
9 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:38:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 60F6 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 22:12:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 60F6 20 KB
8 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:39:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8160 6 KB
745 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 02:17:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 8160 36 KB
14 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc501f0d6eb72a8bba9836e0c49735c0e9c369a49456d33b1fc9ef91c6841924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14314
x-xss-protection: 0
server: cafe
etag: 3208470295077409611
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:51:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8160 158 KB
48 KB 89ms
59ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6157977566492340731/ Frame 8160 37 KB
37 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6157977566492340731/14763004658117789537?w=400&h=209&tw=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23c5d53f3aa35aad91313e93637a8b29cf28ca2b9dd4b02182483e82bf0ffa6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:40:32 GMT
x-content-type-options: nosniff
age: 330864
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37740
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 14:49:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 06:40:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 8160 22 KB
9 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:38:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 8160 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 22:12:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 8160 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:39:02 GMT

GET
H2 200 13909667513798226491
tpc.googlesyndication.com/simgad/ Frame 09C0 42 KB
43 KB 16ms
14ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13909667513798226491?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmMcY5Ta8WNsZISry7MmGh8gfuN0w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=9437098949&adk=3372793509&adf=3235366628&pi=t.ma~as.9437098949&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496091&bpp=1&bdt=994&idt=200&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271%2C279x600&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=wTQ3B3qzbR&p=https%3A//mayvesinhmienbac.com.vn&dtd=202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7649552ffdc896260289ddaea4dd89c30d59575f4caae0b222ef942811f34e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:55 GMT
x-content-type-options: nosniff
age: 305821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43373
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 08:00:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 13:37:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 09C0 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4LgC0KIGZMq5E4iZ-gaGpbu4C_Wm5alvz4rOvv0QkJTFrMwEEAEg6saNgQFglYKAgKwHoAGD7v_tAsgBAqkCSZzPxXBmbD6oAwHIA8kEqgTdAU_QfozaN7NbXqg5y9X5bgb97nOv5Tj6V3aaQIREj4EB5vtTF_jNF165FQV9OTYQZgtpc0p5TJ2ZamBpELvtwY_HJjDX9q-V-FpVU0PnxkYTWc_n4xacJwMdGZMOkcHn7NOfjv8SeYFHpWFZ7iwW2YAN-oloud6Lh7WY1IOzVKIDVKZuILqNHF943r0xJAwsXIjmLE6S9JQ1JjumadAofTZIh5xcRKQFKST9D84IDir8bLpPnRn7nDP25eTOr--kimieaUNoWyfn3a8h-T8WqovmOGFnTGxfEfmhg0f0wATH8Y-BngSSBQQIBBgBkgUECAUYBKAGAoAH5ZGAkgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDGS9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTI4MDU3MjY3MTY0Mzc5ODYYAA&sigh=AHQwK5I8Iso&uach_m=[UACH]&cid=CAQSGwDUE5ymXxANgsjHmAaX2fShrLJbDFJKPWg4vRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=9437098949&adk=3372793509&adf=3235366628&pi=t.ma~as.9437098949&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496091&bpp=1&bdt=994&idt=200&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271%2C279x600&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=wTQ3B3qzbR&p=https%3A//mayvesinhmienbac.com.vn&dtd=202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Mar 2023 02:34:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 07C0 225 B
249 B 17ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=3271107859&adk=1861359322&adf=1258240622&pi=t.ma~as.3271107859&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496092&bpp=1&bdt=995&idt=204&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=2365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2xztkaDc5V&p=https%3A//mayvesinhmienbac.com.vn&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:09:48 GMT
x-content-type-options: nosniff
server: cafe
age: 23108
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Tue, 07 Mar 2023 20:09:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 07C0 2 KB
765 B 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 18:43:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 07C0 22 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:38:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 07C0 3 KB
1 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 22:12:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 07C0 20 KB
8 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:39:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 07C0 158 KB
48 KB 33ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 07C0 34 KB
14 KB 116ms
29ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 16:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 16:35:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 07C0 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cy4dE0KIGZMHiE828gAeHrI3YDunWtYZvjIPf6MkRtsK-3oUCEAEg6saNgQFglYKAgKwHoAHGuNKlKMgBAakCTCXPuFaLjj6oAwHIA8sEqgTvAU_Qq17Tr8zcPqJNkmormm7IOwcgkV0Zluys7LvyU8QOV6NnJPEFnSpRXjLnk_qElT-GZTnx0n9tiOdMHZ8mMoYWseAPFqvzm1SrgS1poTmc4E1Y6kYzYBPVehbJYn4LUQxqbhGD_Se3cM5Z0bVzj0TE0je-5P1ZzJsC0EJ5xYbkk1sPPPsJUsuc7ABsjqi6pObr4zlsofgr8557EgvzGQqTXP6EDcEyb8DCZo-KzVw6iBJH6vaXGkITgAMZog3UWq_Ui4xghaZLJJRX_y-UrNPuQgbdqk18Mj_Gq0wkfaiTo0SSLEukqwnwcGbVjZP2wASb9J2w6AOSBQQIBBgBkgUECAUYBKAGAoAHxvCihQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDEjQTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0yODA1NzI2NzE2NDM3OTg2GAA&sigh=GaVBgrXPGRY&uach_m=[UACH]&cid=CAQSGwDUE5ymQZ_a8qafdN5OydTHLjCG2pdcH6-VTRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=3271107859&adk=1861359322&adf=1258240622&pi=t.ma~as.3271107859&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496092&bpp=1&bdt=995&idt=204&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=2365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2xztkaDc5V&p=https%3A//mayvesinhmienbac.com.vn&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Mar 2023 02:34:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 09C0 22 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:38:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 09C0 3 KB
1 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 22:12:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 09C0 20 KB
8 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:39:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 09C0 158 KB
48 KB 38ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 09C0 33 KB
13 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13717
x-xss-protection: 0
server: cafe
etag: 17409078185802295553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:47:33 GMT

GET
H3 200 5435211752822924013
tpc.googlesyndication.com/daca_images/simgad/ Frame 07C0 43 KB
43 KB 180ms
175ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5435211752822924013?w=360&h=720

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8753ba6b95fcf0ef441175e6a85f93d7debb004e2a8a7068047284ffde2021d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43978
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 21:59:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Mar 2023 02:34:56 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame D5A4 225 B
249 B 15ms
14ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=6200954725&adk=1304420653&adf=635674564&pi=t.ma~as.6200954725&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496090&bpp=1&bdt=993&idt=194&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=kgoVTJFP7P&p=https%3A//mayvesinhmienbac.com.vn&dtd=197

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:09:48 GMT
x-content-type-options: nosniff
server: cafe
age: 23108
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Tue, 07 Mar 2023 20:09:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame D5A4 2 KB
765 B 17ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 18:43:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame D5A4 22 KB
9 KB 23ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:38:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame D5A4 3 KB
1 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 22:12:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame D5A4 20 KB
8 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:39:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5A4 158 KB
48 KB 32ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame D5A4 34 KB
14 KB 41ms
36ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 16:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 16:35:01 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/ 150 KB
51 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/reactive_library_fy2021.js?bust=31072714

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56fd2a7e5544cb7c9ced99dfc654164396a734baf07940de596a73dbb8c0ebe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52399
x-xss-protection: 0
server: cafe
etag: 4697756116970257477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 60F6 0
0 62ms
61ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkBu30KIGZIu4D8uK7gPTmJ6oBtGl25dvtd6Pof4Q0OuPgZ45EAEg6saNgQFglYKAgKwHoAHVlP7HA8gBBqkCRSbFt3TpsT6oAwHIA8MEqgThAU_QPbI54RlWyB0p0YW-syDXHKIm_kJRfOMcAHH5KO4PnIHTZ6fRJgE8QZJ2DqNwfjDG8XtLOba_wHWkDiCn7WnnhkTYiJhvU99GecUcHwx1WA0X2eAMD-2V-vL4_nEORMEQGYUHBG7da6mABlCYmd1m4071JdbDaTBIvak6ICR3-rhX3Z6ED53ewPbG-bmTMZgkmLnepehPchDTk967yqjlTwoKSTLGO1LXYzchTZyVBXcxtxyw6mnmOMfcfLxAI9lwEy9X8XmJPEGHeccv7QCIT-6csphgA-A9zHz6Q5yhVMAE1trrsKQEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB7y_qS6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQ_ssB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjgwNTcyNjcxNjQzNzk4NhgA&sigh=PY-W68ROPIg&uach_m=[UACH]&cid=CAQSGwDUE5ymCxrYGlH9-I8skLuspb0oMQslwNOI0xgB&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=1583899163&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496083&bpp=3&bdt=986&idt=116&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&correlator=5361503642787&frm=20&pv=2&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L9d0sQYDwV&p=https%3A//mayvesinhmienbac.com.vn&dtd=141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Mar 2023 02:34:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2834 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=1583899163&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496083&bpp=3&bdt=986&idt=116&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&correlator=5361503642787&frm=20&pv=2&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L9d0sQYDwV&p=https%3A//mayvesinhmienbac.com.vn&dtd=141
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6476360784118738362_17228211643310671959.png
static.doubleclick.net/dynamic/5/413526022/ Frame 60F6 5 KB
5 KB 58ms
13ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/413526022/6476360784118738362_17228211643310671959.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91f760eaddf26760ea85352cbdbdf23ec4b925f3543d4c3738110e427ea03cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:14:53 GMT
x-content-type-options: nosniff
age: 368403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4823
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 09:17:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 20:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 60F6 15 KB
16 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 320225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:37:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 60F6 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 90350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 01:29:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D5A4 0
0 58ms
56ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C51Nw0KIGZPuEE4jpgQfwn5fQDueu_YJvqpzzw5kQ2tkeEAEg6saNgQFglYKAgKwHoAHK5vvoA8gBAakCcSR_aUoyxz2oAwHIA8sEqgTcAU_QvRF9UrFocL5kA7qQrk72_A-t8LT_G_UZgZE0UyX0QSpRWJrfhU4-WRjAyRjUHwAXynHIiIgL14InhntZSpMpymv5w34HsFMIgtBjUcazYbD_JseEmoJNCWtxjeDwxhj0zqYfxX9sYIl3_hqVYX3twT1-fMDW5dvYSYqp0msBfNwC-3xsLFfHi5Nh0lBz1Pb4wufrDG2C2rIsS_PsbWDcwE6vZOgugEN-xK1GoHvOQPebF1voTXHJPhjiCsUNmbTs9rwyAysHzqBd3re0B9iCcLIfh6z51A-ER17ABPSYn7f9A6AGAoAHnpmEF6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP7gBNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMDiBQD0BUBgBcBshccChoIABIUcHViLTI4MDU3MjY3MTY0Mzc5ODYYAA&sigh=50nZK3T-X7E&uach_m=[UACH]&cid=CAQSGwDUE5ymMK1hmMbBSYoPFs2dD5qY5pjdxqYvfxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=6200954725&adk=1304420653&adf=635674564&pi=t.ma~as.6200954725&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496090&bpp=1&bdt=993&idt=194&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=kgoVTJFP7P&p=https%3A//mayvesinhmienbac.com.vn&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Mar 2023 02:34:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8160 0
0 60ms
58ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfGmt0KIGZIT1EoOBgQefvZfADurS0K1v8qzMwqgR2qCugMs4EAEg6saNgQFglYKAgKwHoAGHsu6oAsgBBqgDAcgDywSqBN8BT9AtgNzb_STBBG9ONP4OpruPEErBDxNX0souwgMuPnBQWR_0BTI1HHAG22iBDl1YrCMJgWlsh6b1z9dhWH_oI70bwh6SVRoYH8m8KCShlxarxx8usHCfltdI7MMyCDtxuM-AWyVR2xQ8QHUNUU_-beyK2ATwthCYQRArJDj1zGuG1AVMJOh3QkyUQKfwD34af5eoYhwqHubU78am8Zs-c9A33Bv7LGXXgv4eTVS_ucdmzsHP_irNbZ9KHLzUjwu-oFmdYK7IKPmzNLCdIVW4KYFwYZyGERpbk--Pjr5mFsAEq-_w9Z0EkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB5j93NcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ1SrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yODA1NzI2NzE2NDM3OTg2GAA&sigh=NVoPieNUP1c&uach_m=[UACH]&cid=CAQSGwDUE5ymlu9EQjpeQOA8qpxyQZawRun1G4tiuBgB&template_id=492

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Mar 2023 02:34:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6118 143 B
166 B 18ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 35ms
34ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mayvesinhmienbac.com.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 24ms
23ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mayvesinhmienbac.com.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E4B 24 KB
10 KB 256ms
255ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=240&adk=4155752550&adf=1052737194&pi=t.aa~a.3654940567~rp.4&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&to=qs&pwprc=5454045727&format=279x240&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496828&bpp=1&bdt=1730&idt=1&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe790d84a82624dc-225380ba45dd0009%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew&gpic=UID%3D00000bc125e457ae%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600%2C279x600&nras=2&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=4393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=aNm17ttfsZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96e0d1e6e522cdfb78b12a697adc3425e56f94d7bde55dd62c43ac23b0caf972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 10241
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 60F6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c105937611bf2ae0440dd62ed1e2a8a2a5f43584899cfa89b444c1ac32f3caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8160 15 KB
16 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 320225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:37:51 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8160 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 90350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 01:29:06 GMT

GET
H3 200 17142000406372022591
tpc.googlesyndication.com/daca_images/simgad/ Frame D5A4 22 KB
22 KB 144ms
144ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17142000406372022591?w=360&h=640

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e389b33bf1795738dc06fbb84540209a7dfc3d070e89ccc1826572e41bead36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:57 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22620
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 19:05:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Mar 2023 02:34:57 GMT

GET
DATA 200
OK truncated
/ Frame 8160 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c0ae065be1a08f4dc8db440c64d785bc94f5d4e3d4ae23019b38f92c297e40a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DE82 143 B
166 B 23ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=600&slotname=9437098949&adk=3372793509&adf=3235366628&pi=t.ma~as.9437098949&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&format=279x600&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496091&bpp=1&bdt=994&idt=200&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0%2C711x271%2C279x600&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=wTQ3B3qzbR&p=https%3A//mayvesinhmienbac.com.vn&dtd=202
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 07C0 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32519148ba54a668fdf17ad03181d18ef87aeacc1c6b1e9fcfff227634f5311c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 09C0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b98d21d7e5e8f24c98e313e3eef8e29e97611019d9d1a53cf52e5fd3f5c95ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/ Frame 2DEA 10 KB
4 KB 21ms
14ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 22:10:45 GMT
etag: 2378337311435320485
expires: Mon, 20 Mar 2023 22:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/ Frame F3C1 10 KB
4 KB 22ms
15ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 22:10:45 GMT
etag: 2378337311435320485
expires: Mon, 20 Mar 2023 22:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/ Frame EA16 10 KB
4 KB 22ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 22:10:45 GMT
etag: 2378337311435320485
expires: Mon, 20 Mar 2023 22:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2834
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
30ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:57 GMT
expires: Tue, 07 Mar 2023 02:34:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame E2A3 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 22:12:28 GMT

GET
DATA 200
OK truncated
/ Frame D5A4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41602fa529d206badcb52fcbcf073e056595f8488cd01f5ca0cde50dc8b6084e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6118
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
30ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:57 GMT
expires: Tue, 07 Mar 2023 02:34:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E58 36 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=271&slotname=8948948123&adk=3450033336&adf=3622240349&pi=t.ma~as.8948948123&w=711&lmt=1678156496&rafmt=11&format=711x271&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496089&bpp=1&bdt=992&idt=185&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=711x271%2C0x0&nras=1&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=4118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rTR5IPS9oZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 22:12:28 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D35 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 22:12:28 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame ADC4 36 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 22:12:28 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2CB8 624 B
242 B 32ms
29ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiq5LvGATAB&v=APEucNUo3YEA-D6pVsgB5lFHufs8myx04MsE8BmIL_VJ6xlng0-B6MP7RUZJdUvJLqnDmF09HjAAJd05YPRPj-QiExYBsLnDDCYXBkoaPo2f8oBQjcWVOtCUAWRJlVdHWeldXy5DaDyBlAk3f-bUvpAF4IHaYipA0gXMHa_qaq3pEXLXciXYx2Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=240&adk=4155752550&adf=1052737194&pi=t.aa~a.3654940567~rp.4&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&to=qs&pwprc=5454045727&format=279x240&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496828&bpp=1&bdt=1730&idt=1&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe790d84a82624dc-225380ba45dd0009%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew&gpic=UID%3D00000bc125e457ae%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600%2C279x600&nras=2&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=4393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=aNm17ttfsZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=240&adk=4155752550&adf=1052737194&pi=t.aa~a.3654940567~rp.4&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&to=qs&pwprc=5454045727&format=279x240&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496828&bpp=1&bdt=1730&idt=1&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe790d84a82624dc-225380ba45dd0009%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew&gpic=UID%3D00000bc125e457ae%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600%2C279x600&nras=2&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=4393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=aNm17ttfsZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FD16 78 KB
27 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame FD16 3 KB
1 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 22:12:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame FD16 20 KB
8 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:39:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FD16 0
0 29ms
22ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAconm98tQnX5faQtelTbzDUmH_KvfQd3x4WKwKs58ZxIscl4Hm8UwzazbEW5GrSiI4GsWnvovTvUitVLEOqrTUTqvBQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=240&adk=4155752550&adf=1052737194&pi=t.aa~a.3654940567~rp.4&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&to=qs&pwprc=5454045727&format=279x240&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496828&bpp=1&bdt=1730&idt=1&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe790d84a82624dc-225380ba45dd0009%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew&gpic=UID%3D00000bc125e457ae%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600%2C279x600&nras=2&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=4393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=aNm17ttfsZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD16 158 KB
48 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD16 42 B
63 B 52ms
49ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGiZLQz-UD1oi1dSmCKJmZBwIE04FYbETaHdBOj3t4DkQNNbCttM_ytLVYYLPkKm8kY_JUAHNDUp_1YRF3Uf52GUex6yHiPgiI9kisWZVyEQfnIRU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD16 0
20 B 90ms
87ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=497959030664232499&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 2DEA 4 KB
636 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 02:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 01:26:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 02:34:57 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2DEA 205 B
519 B 30ms
29ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 23:03:57 GMT
x-content-type-options: nosniff
age: 12660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 05 Mar 2024 23:03:57 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2DEA 604 B
695 B 31ms
29ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 21:24:21 GMT
x-content-type-options: nosniff
age: 18636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 05 Mar 2024 21:24:21 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame 2DEA 20 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:46:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8547
x-xss-protection: 0
server: cafe
etag: 17360858034827311943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 20:46:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F3C1 6 KB
672 B 43ms
39ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 02:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 02:09:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 02:34:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame F3C1 2 KB
765 B 16ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 18:43:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame F3C1 22 KB
9 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:38:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame F3C1 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 22:12:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame F3C1 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:39:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F3C1 158 KB
48 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:57 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame F3C1 34 KB
14 KB 33ms
31ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 16:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 16:35:01 GMT

GET
H2 200 89d7ca8249da9b1fce758df22cf4efd3.js Show response
www.gstatic.com/mysidia/ Frame EA16 10 KB
4 KB 33ms
32ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 09:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4405
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 09:02:20 GMT

GET
H2 200 67aaecca7d4c17753e791d23613bc19c.js Show response
www.gstatic.com/mysidia/ Frame EA16 11 KB
5 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67aaecca7d4c17753e791d23613bc19c.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85adddf8b04a947f000872c064145ddd13125e63a024e720664bf184a7144ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 09:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4817
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 09:43:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EA16 8 KB
895 B 41ms
39ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 02:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 02:13:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 02:34:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame EA16 2 KB
765 B 34ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 18:43:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame EA16 22 KB
9 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:38:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame EA16 3 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 22:12:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame EA16 20 KB
8 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:39:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA16 158 KB
48 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:57 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame EA16 34 KB
14 KB 33ms
31ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 16:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 16:35:01 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2CB8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLywlWlQXbsUbttOAG77iw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLywlWlQXbsUbttOAG77iw&google_cver=1&C=1

43 B
632 B

19ms
18ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLywlWlQXbsUbttOAG77iw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiq5LvGATAB&v=APEucNUo3YEA-D6pVsgB5lFHufs8myx04MsE8BmIL_VJ6xlng0-B6MP7RUZJdUvJLqnDmF09HjAAJd05YPRPj-QiExYBsLnDDCYXBkoaPo2f8oBQjcWVOtCUAWRJlVdHWeldXy5DaDyBlAk3f-bUvpAF4IHaYipA0gXMHa_qaq3pEXLXciXYx2Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 02:34:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 02:34:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEBLywlWlQXbsUbttOAG77iw&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2CB8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAai0ekePU2q5OLn.4nLzQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLywlWlQXbsUbttOAG77iw&google_cver=1&google_hm=2

43 B
632 B

46ms
45ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLywlWlQXbsUbttOAG77iw&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiq5LvGATAB&v=APEucNUo3YEA-D6pVsgB5lFHufs8myx04MsE8BmIL_VJ6xlng0-B6MP7RUZJdUvJLqnDmF09HjAAJd05YPRPj-QiExYBsLnDDCYXBkoaPo2f8oBQjcWVOtCUAWRJlVdHWeldXy5DaDyBlAk3f-bUvpAF4IHaYipA0gXMHa_qaq3pEXLXciXYx2Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 02:34:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLywlWlQXbsUbttOAG77iw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2CB8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHsEYa5MvYSZXb4eS5cgKYM&google_cver=1

43 B
1 KB

18ms
15ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHsEYa5MvYSZXb4eS5cgKYM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiq5LvGATAB&v=APEucNUo3YEA-D6pVsgB5lFHufs8myx04MsE8BmIL_VJ6xlng0-B6MP7RUZJdUvJLqnDmF09HjAAJd05YPRPj-QiExYBsLnDDCYXBkoaPo2f8oBQjcWVOtCUAWRJlVdHWeldXy5DaDyBlAk3f-bUvpAF4IHaYipA0gXMHa_qaq3pEXLXciXYx2Q

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 02:34:57 GMT
AN-X-Request-Uuid: 5ca5972c-2177-412a-814d-7ff8a1abb32d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHsEYa5MvYSZXb4eS5cgKYM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CB8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3NTgxMjc5Njk4NzU2NzMxOA%3D%3D

170 B
188 B

33ms
25ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3NTgxMjc5Njk4NzU2NzMxOA%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 07 Mar 2023 02:34:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d0a9a889-bbdf-43be-9401-4bda8bfbf51b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3NTgxMjc5Njk4NzU2NzMxOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD16 0
20 B 52ms
51ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1728077627811&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD16 0
20 B 78ms
78ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1728077627811&version=m202301230201&ct=77&x=1&cor=497959030664232500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FD16 15 KB
11 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bh9cuwtqUyT0zUlDAZ1yzNDPpONX5jdKqj_oMywRfrJG5xK48OobcZ-0OBGp4_3g0XU661-FcIhFn_E352n9sKu6H5S7FaNtxf-8S70jmtq5Adxl4dSrhJUhbXIfffq-CIa5eA_q9CppCJAGlU56DgbqcQSegiIsrUqFNT2YsBGLocguM&cry=1&dbm_d=AKAmf-DHw_i9N76E7HdgUarF94o_j16gnsbDd0hvgexDOAp_8dQGlO5YDBTDHMNqO59jn8IiLa24Mjz8TOJSh1xCWN7kYxdQ9cCvqNCsaLuEjlvAfgWjRlbTgFpYcFJij9Y4h9-pXMnScAn48wVTZbFvtPwD-PHrnrA1nzLVSnp4XIAV2BQ68L_MrvA3Mmym-5lB5xTY_3bsuwdw0rfsOfGeKKAqkg1nPsA7dyLEO4xqukXn0rpmosIyPtxZuz2nZIEEXRoYaKH7ofN4z1mp2ERPb_yzPMKAmZSMEeGe3-jr_LXFYTvTK-l5642ladVUwPdmx0_6n8493yamIokVHJjMsIYx8lOxy4oa2YqJhameGzbVC-bj4FxPOtdUxPFCEgP2n-KRDIDtGKbSqvFpQuQpcnQCy8KB8EpWCGELBHnT7cGF1z6i7EIIurwFxnHhweyeA0eKNlqeJrCZJh4eQ9eX4sJ_qXjhUHSlOm7x8kpd6aS5hAM_tVlqWUmaOsK1aEWWI2he03V2zrQEva6tk1HtwmdofBfTSATKiK4vE8PXkVMdOW37FH3f1QE6Lq9J__lzXiG7VqxJZSidTHPJgpkTC9VKuHMk8UCEpWFENchC-dpAGcwq8uXXyssdVtUyn8oNzCK6WHGAqgPlt_wEWcQ7hVK0yQIb0Hd7ddh7jg3F7LIq4tQQopT_IFxI7MfdC97xcU3MZYnNa-vfFWJF1qTp2WCLE_6QsiQmesTB2ykxKd_-urY22EkoVV3g3y5an6IZr45CeT0kFpbUBQCl5QKIFjvHht9v-ejTehG5dmEEP8hIIbmB38xD1L1OlBqPk-9zg7PTjoiWwi-6mzBywzefZ_3WmZnib-Rjn4Al8yPsgts_U3CBzAiqubDpMaruyLQrq3KFh1AdUTANQgrKz1EHGSAh1Ou3cbnasyKCbZ5-R0L68n3sMk6xytJN_BzPqEG3nEYd5vai1SCLS1S70vknFls4roTbXFXItGk3GEauA7loLxb664myeoMz4ZuWl2q8_3c7hjjsz6sZEftQqfLgzuzwmHVEj0j1OYbTwfAtMoDs-tGiBV7a8LorfO582FkQfl2oo1WPPKce7racjwUVacQ0GOImfm1Etq43EqnaLROpvJxw6SHGC_EPUsS_pekbOwFC9pPKpMm3RCCCTvWxX4ii5XoGWvrEq57tV9FYUieH2095LEaxwAGCfdnpdU_F_TG85-kBytzfXk_1FMzEXl77twCW7dSjEKgu8c0IcXWIMrLgb_XjBlNj4OLSl4El8Wzjs-o1l8Co_fxznljkZN2udE8Q5wjUqj_MLYMjpSteny6KvPB_GE4lLx07iottLoAWxYJCc6yb8zS46VtClZmakcgf6M_cAtrtz4QoCYhaLm_uMWSmGOoWQepa_zHEivDiPLovhcRuHhRDrSg962T2-tfdr4BTLY1WsPsuxClKdmxo6p0oWDqEdmaYI4PTIm1LkAY8ncA4fPD6cMDRrJdMYnVMXVtH1RXtl6fJlrqI-OhmkIhyT94utUY7qOJgWKrZu6LRK3JCyQrLFwMA8Vll8ae9jE6bP0-v8YPlzBbAxXaOvyXvU4uNpmwMDobW0jCjNioyHtLE7FfDyWrXncryV07_0NAiFQbEw8swhRe7kIbhbgJGJc87b48BzftohLYceZWwapKLObf_8MQ8HNfCWnGkQYujFdbAwsONlXIlG-2eMBn03vuIBrbXb_nVIl1jTXc1u5dV0g4-FLW4CBz-bNL6migz2IpM-sTbsQGhkrvWG2jYEs4wJcWZQK6RdmwBfWnFbBtkmYwSn_FP16P0T_LWC_ifxTNdhBPVHLn1UG5SyDXcTG63zmmmUrV9zGvSmwzLuR298A42PHEdeozj2Fdia0lT3IpIHwQ2X3yeNCPRZFDIqdQdEyen1B5_co6eyu4kVRuugyUKrvJ3PfCmIkxIQ58Rz_gay5M4EllTt7UYnLnMJaVCU___V4SE1SQVmt8TGpKudqudlpL0s5xbiHEQACp-OcoO9KJ3mk4_wUlh0ksQjiq4dxfcz-kq39fMtPLDPjtUEsFPGmi8FeGOZ-ZHcKyfhHjPiJLyPLBJKZTdt1r_bAjemX2J4xHBTxbLNs1PS2eLE6cQoOSNk0_7sgZFSJ-TVZfvgu65j0UphbEB8LL5GAnWkIQYeKI_JzLj_BfW1jfNz4La5VcFedImFBliAHBCS2Q5PvYFDA-2DuA3ni-Ar4K6VAi54iFoLbbbdVmZLgX5Mg4XCBnCVQ311wG-y_0I8yQflVYMETD90r9lHtqn49xK9tW1x5h3GjSt7P42rQJecr1860FMMgukrb77Ska4M46JilsQOTNIGjs0YXQzoTWkdMZ6WgpA1NGPn42V4v0UIB0eP54Gp0Z0rnxLQUvepD3GBOoMGZ2IP3II6Fg09-VnaQTF9JGHoIjJwyT3SxkNnnoNQXFnbZMaYiEaKT7v80hQAkKEaimGSERHKYnjZo2R8yvzcekMyF9ARXRgUNHd7DTP_3B2jen1D59qGS-ysep7QDwCOpm3Gvkkf_RRHewRspKQPpGl11JKS9wqcA0DIZhHfzFkDR38J1Cw1V2WQlWC7yeATV02fBvz70IoUsplm4FTjlhUVjuRcNz3irtwvLDguWX5k_DseVgiuCsURHQEzteYMOM3FfW_BUxXrus7rX3h8VdzJMeAbCvENzLmIcSTpX5JTlfG1VNf-xvN2NWPg7EbK5HVuUjxmZKQIZRvpQ9cIuI3mOClXC_Ddijq789239dIUSQ-vxG8kMg8v3QVxgRSgGih_Wo4_G94ve2KIxK8_tPt1Ck9bDKMhbRox_UEpIdQSmTiImn0v02h_LdhVC-5cwPzllMniXpI82fai6O7dGwpNHyWAkNGKLJR7d0BgviyE6dGqeZVi9dae2dwpkOD5GGYUU-dmZSzR_9adjq5hJFplIc3c6V0JZkjoQbbrTot6BOQMxeNmyg8TiaX3EbGbwLr8pTLL_iLCDe8d_KHfBqr4ZrnK8n32Sc6pfK40vKEN4DrvbzGamgkHWDFTj0bof9Yx0JxLQUWNVbxINDAPJt-Qbrgih9ls6zMjMPaRQqIPzyMlU4TvAaxd_Uhe0zu2vPjHxEFJmbfLEuCK0qXoaERG4ITj0taxT6kcUTEvze1SqQ4lojmMNeDhsIYFpeW8gQkT8hJb0vXNt-9XkDPFyEUYpFV2jdZGpsonYou8KeXqioMpTJO1qO3rmLBgaBwA2JQnHpSDcP8S9nzFspSGVGdqp0au9jDqMnCPS8SsUlHuPzbbFgtKPChyNj02WD7ns6ezHIX4mKZDbh7nS3D6pDKs7FdMUaQHDCKe-BwjwybFOFSUB03DUdC6No-yJ2S_n1RrMR241A4oGjwdNsd6k4oY9vfJASms64Tqk2S44QiJBf7ye05dSggMrWFpBM91J_kuhofHqFCf0wdEfHbqPiIljtGJvIP-WoXqL79HE4L4ahjW5wD_HrQbNQG9HO_PM6RLWE8uB4sJURB0u0h5toPAFalqQr9-o49IzUuHGKrMYORNRsEHhCFkCJ5o7nPbvdTeXVGNTMvvI9tq32TQZIxqDeuoP6toXfpVQeWqlERyV3BmfK-Ta1lBpE1fk7SPK_HK9qtElndzfAG5hngGix0p_ngTc7tlQmNtvay8rp_xRDvgPFZUP09eQeS3oKUpUXcHVJKYRhKAGuGwsQYQ1OuohHeKsXJkPl3whfQeMEgTk33SCM7MQ&cid=CAQSPADUE5ymkyr1Wtez811-2TneJygKFEdqBknciOTnEZNymAzzxpEYNlIyiiFko_pgsdWOkXKIJxIlbSIjeRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&ds=l&xdt=1&iif=1&cor=497959030664232500&adk=1877897943&idt=46&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b72f3158b65b59ab4c59f149997de83f2e3426aa77c04b3b6331d3f4c1057e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=240&adk=4155752550&adf=1052737194&pi=t.aa~a.3654940567~rp.4&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&to=qs&pwprc=5454045727&format=279x240&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496828&bpp=1&bdt=1730&idt=1&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe790d84a82624dc-225380ba45dd0009%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew&gpic=UID%3D00000bc125e457ae%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600%2C279x600&nras=2&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=4393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=aNm17ttfsZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DE82
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
29ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:57 GMT
expires: Tue, 07 Mar 2023 02:34:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 32F8 36 KB
14 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 22:12:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 835F 8 KB
895 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 02:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 01:38:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 02:34:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 835F 2 KB
765 B 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 18:43:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 835F 22 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:38:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 835F 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 22:12:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 835F 20 KB
8 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:39:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 835F 158 KB
48 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:34:57 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 835F 34 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 16:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 16:35:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EA16 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C82G20KIGZJjjEcWjx_APjtKl6AmiyJ79bqyM-uj0D5H3x_eDAhABIOrGjYEBYJWCgICsB6ABy5XzgQPIAQGpAp_78Q7y6bE-qAMByAPLBKoE9QFP0JEn0MqbtHVuam9wUPYd-UXD3S47uxD6nxdRjD9J1nvW2isyI2xwRpOhEKfkKibvwpgtkHw3Pzt4FYpwPb-gqQrOaxYPRh6a5HSHnjb3XDetHbr7kz7fEhsrcCqJZEqPr0fkb9cqQajmisS48GVKjXAKbZ1K3aVZqQZ10Zxbc1DdF6YXTa26Exiy_Z_NECJYSKgLJMmsWoKA5_Rfib7dgcOr9QNFnwEgaimYMparXM_6gZAIdxga5JgTwWI1U3vN6kch23K50MiL2I1GnVBfv4IDFtj8fOsy-x31oM3dd7T5ui75PMgLW_s3iFsEv_Ngt2tg2MAE6JH-6vwCkgUECAQYAZIFBAgFGASAB53qjH6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCGvgLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0yODA1NzI2NzE2NDM3OTg2GAA&sigh=0fpWjwgwu7w&uach_m=[UACH]&cid=CAQSGwDUE5ymd0zyFRBe59FQOZYmlTvcp_6fhr8c9hgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Mar 2023 02:34:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 138F 143 B
166 B 14ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EA16 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48e4e0604f5e04049d0b9f6a8b63d31b607f1abc2c7e08a5c0a1f725ae4dd55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
mayvesinhmienbac.com.vn/get-banner/ 935 B
1 KB 245ms
244ms XHR
application/json 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mayvesinhmienbac.com.vn/get-banner/
Requested by: Host: yenphat.com
URL: https://yenphat.com/scripts/banner.min.js?ver=1881123480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.3.30
Resource Hash: e874ef521ef10a4cd837745d63bfb9a23515aa4b24fa330711badaa06a0469e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:57 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.30
x-litespeed-cache: hit
vary: User-Agent
etag: "2851427-1677917043;;;"
content-type: application/json; charset=UTF-8
link: <https://mayvesinhmienbac.com.vn/wp-json/>; rel="https://api.w.org/"
content-length: 935
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FD16 41 KB
15 KB 31ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bh9cuwtqUyT0zUlDAZ1yzNDPpONX5jdKqj_oMywRfrJG5xK48OobcZ-0OBGp4_3g0XU661-FcIhFn_E352n9sKu6H5S7FaNtxf-8S70jmtq5Adxl4dSrhJUhbXIfffq-CIa5eA_q9CppCJAGlU56DgbqcQSegiIsrUqFNT2YsBGLocguM&cry=1&dbm_d=AKAmf-DHw_i9N76E7HdgUarF94o_j16gnsbDd0hvgexDOAp_8dQGlO5YDBTDHMNqO59jn8IiLa24Mjz8TOJSh1xCWN7kYxdQ9cCvqNCsaLuEjlvAfgWjRlbTgFpYcFJij9Y4h9-pXMnScAn48wVTZbFvtPwD-PHrnrA1nzLVSnp4XIAV2BQ68L_MrvA3Mmym-5lB5xTY_3bsuwdw0rfsOfGeKKAqkg1nPsA7dyLEO4xqukXn0rpmosIyPtxZuz2nZIEEXRoYaKH7ofN4z1mp2ERPb_yzPMKAmZSMEeGe3-jr_LXFYTvTK-l5642ladVUwPdmx0_6n8493yamIokVHJjMsIYx8lOxy4oa2YqJhameGzbVC-bj4FxPOtdUxPFCEgP2n-KRDIDtGKbSqvFpQuQpcnQCy8KB8EpWCGELBHnT7cGF1z6i7EIIurwFxnHhweyeA0eKNlqeJrCZJh4eQ9eX4sJ_qXjhUHSlOm7x8kpd6aS5hAM_tVlqWUmaOsK1aEWWI2he03V2zrQEva6tk1HtwmdofBfTSATKiK4vE8PXkVMdOW37FH3f1QE6Lq9J__lzXiG7VqxJZSidTHPJgpkTC9VKuHMk8UCEpWFENchC-dpAGcwq8uXXyssdVtUyn8oNzCK6WHGAqgPlt_wEWcQ7hVK0yQIb0Hd7ddh7jg3F7LIq4tQQopT_IFxI7MfdC97xcU3MZYnNa-vfFWJF1qTp2WCLE_6QsiQmesTB2ykxKd_-urY22EkoVV3g3y5an6IZr45CeT0kFpbUBQCl5QKIFjvHht9v-ejTehG5dmEEP8hIIbmB38xD1L1OlBqPk-9zg7PTjoiWwi-6mzBywzefZ_3WmZnib-Rjn4Al8yPsgts_U3CBzAiqubDpMaruyLQrq3KFh1AdUTANQgrKz1EHGSAh1Ou3cbnasyKCbZ5-R0L68n3sMk6xytJN_BzPqEG3nEYd5vai1SCLS1S70vknFls4roTbXFXItGk3GEauA7loLxb664myeoMz4ZuWl2q8_3c7hjjsz6sZEftQqfLgzuzwmHVEj0j1OYbTwfAtMoDs-tGiBV7a8LorfO582FkQfl2oo1WPPKce7racjwUVacQ0GOImfm1Etq43EqnaLROpvJxw6SHGC_EPUsS_pekbOwFC9pPKpMm3RCCCTvWxX4ii5XoGWvrEq57tV9FYUieH2095LEaxwAGCfdnpdU_F_TG85-kBytzfXk_1FMzEXl77twCW7dSjEKgu8c0IcXWIMrLgb_XjBlNj4OLSl4El8Wzjs-o1l8Co_fxznljkZN2udE8Q5wjUqj_MLYMjpSteny6KvPB_GE4lLx07iottLoAWxYJCc6yb8zS46VtClZmakcgf6M_cAtrtz4QoCYhaLm_uMWSmGOoWQepa_zHEivDiPLovhcRuHhRDrSg962T2-tfdr4BTLY1WsPsuxClKdmxo6p0oWDqEdmaYI4PTIm1LkAY8ncA4fPD6cMDRrJdMYnVMXVtH1RXtl6fJlrqI-OhmkIhyT94utUY7qOJgWKrZu6LRK3JCyQrLFwMA8Vll8ae9jE6bP0-v8YPlzBbAxXaOvyXvU4uNpmwMDobW0jCjNioyHtLE7FfDyWrXncryV07_0NAiFQbEw8swhRe7kIbhbgJGJc87b48BzftohLYceZWwapKLObf_8MQ8HNfCWnGkQYujFdbAwsONlXIlG-2eMBn03vuIBrbXb_nVIl1jTXc1u5dV0g4-FLW4CBz-bNL6migz2IpM-sTbsQGhkrvWG2jYEs4wJcWZQK6RdmwBfWnFbBtkmYwSn_FP16P0T_LWC_ifxTNdhBPVHLn1UG5SyDXcTG63zmmmUrV9zGvSmwzLuR298A42PHEdeozj2Fdia0lT3IpIHwQ2X3yeNCPRZFDIqdQdEyen1B5_co6eyu4kVRuugyUKrvJ3PfCmIkxIQ58Rz_gay5M4EllTt7UYnLnMJaVCU___V4SE1SQVmt8TGpKudqudlpL0s5xbiHEQACp-OcoO9KJ3mk4_wUlh0ksQjiq4dxfcz-kq39fMtPLDPjtUEsFPGmi8FeGOZ-ZHcKyfhHjPiJLyPLBJKZTdt1r_bAjemX2J4xHBTxbLNs1PS2eLE6cQoOSNk0_7sgZFSJ-TVZfvgu65j0UphbEB8LL5GAnWkIQYeKI_JzLj_BfW1jfNz4La5VcFedImFBliAHBCS2Q5PvYFDA-2DuA3ni-Ar4K6VAi54iFoLbbbdVmZLgX5Mg4XCBnCVQ311wG-y_0I8yQflVYMETD90r9lHtqn49xK9tW1x5h3GjSt7P42rQJecr1860FMMgukrb77Ska4M46JilsQOTNIGjs0YXQzoTWkdMZ6WgpA1NGPn42V4v0UIB0eP54Gp0Z0rnxLQUvepD3GBOoMGZ2IP3II6Fg09-VnaQTF9JGHoIjJwyT3SxkNnnoNQXFnbZMaYiEaKT7v80hQAkKEaimGSERHKYnjZo2R8yvzcekMyF9ARXRgUNHd7DTP_3B2jen1D59qGS-ysep7QDwCOpm3Gvkkf_RRHewRspKQPpGl11JKS9wqcA0DIZhHfzFkDR38J1Cw1V2WQlWC7yeATV02fBvz70IoUsplm4FTjlhUVjuRcNz3irtwvLDguWX5k_DseVgiuCsURHQEzteYMOM3FfW_BUxXrus7rX3h8VdzJMeAbCvENzLmIcSTpX5JTlfG1VNf-xvN2NWPg7EbK5HVuUjxmZKQIZRvpQ9cIuI3mOClXC_Ddijq789239dIUSQ-vxG8kMg8v3QVxgRSgGih_Wo4_G94ve2KIxK8_tPt1Ck9bDKMhbRox_UEpIdQSmTiImn0v02h_LdhVC-5cwPzllMniXpI82fai6O7dGwpNHyWAkNGKLJR7d0BgviyE6dGqeZVi9dae2dwpkOD5GGYUU-dmZSzR_9adjq5hJFplIc3c6V0JZkjoQbbrTot6BOQMxeNmyg8TiaX3EbGbwLr8pTLL_iLCDe8d_KHfBqr4ZrnK8n32Sc6pfK40vKEN4DrvbzGamgkHWDFTj0bof9Yx0JxLQUWNVbxINDAPJt-Qbrgih9ls6zMjMPaRQqIPzyMlU4TvAaxd_Uhe0zu2vPjHxEFJmbfLEuCK0qXoaERG4ITj0taxT6kcUTEvze1SqQ4lojmMNeDhsIYFpeW8gQkT8hJb0vXNt-9XkDPFyEUYpFV2jdZGpsonYou8KeXqioMpTJO1qO3rmLBgaBwA2JQnHpSDcP8S9nzFspSGVGdqp0au9jDqMnCPS8SsUlHuPzbbFgtKPChyNj02WD7ns6ezHIX4mKZDbh7nS3D6pDKs7FdMUaQHDCKe-BwjwybFOFSUB03DUdC6No-yJ2S_n1RrMR241A4oGjwdNsd6k4oY9vfJASms64Tqk2S44QiJBf7ye05dSggMrWFpBM91J_kuhofHqFCf0wdEfHbqPiIljtGJvIP-WoXqL79HE4L4ahjW5wD_HrQbNQG9HO_PM6RLWE8uB4sJURB0u0h5toPAFalqQr9-o49IzUuHGKrMYORNRsEHhCFkCJ5o7nPbvdTeXVGNTMvvI9tq32TQZIxqDeuoP6toXfpVQeWqlERyV3BmfK-Ta1lBpE1fk7SPK_HK9qtElndzfAG5hngGix0p_ngTc7tlQmNtvay8rp_xRDvgPFZUP09eQeS3oKUpUXcHVJKYRhKAGuGwsQYQ1OuohHeKsXJkPl3whfQeMEgTk33SCM7MQ&cid=CAQSPADUE5ymkyr1Wtez811-2TneJygKFEdqBknciOTnEZNymAzzxpEYNlIyiiFko_pgsdWOkXKIJxIlbSIjeRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&ds=l&xdt=1&iif=1&cor=497959030664232500&adk=1877897943&idt=46&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 13:44:31 GMT

GET
H/1.1 200
OK g2gqt23fm9fm Show response
hal9000.redintelligence.net/zone/ Frame FD16 11 KB
4 KB 56ms
16ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g2gqt23fm9fm?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdG8D0KIGZOSkNci1gQfopaeoBablvaBppZGcp8kP8C4QASDqxo2BAWCVgoCArAfIAQmpAkUmxbd06bE-qAMBqgSCAk_QBpfBdIFIoiaYPlv95A-LG10zE7rMXpqKHzFkwO_hJv0Pv81qLW4arKxLVCOHJU_A9hW-7CmaqDHrHUyO4N4dSnFfp_Abn0sts7Nso5LOeti7ns8a-jftuh-dxPKIgaMXRqFP8A_zFTUs9qeFQU36suD5MzCh--m9IJmd_NBVvS5LKvkHWq93VddIjJeI0ebZpPCgYivo9N3ONN4LpRq6YTz-xAMz8y64o10N67WAiL6i_zoOH3doYxdxWsFge3uLPgBzowh9J9JPa-WizVFyVvk-q70mpvOcC-Ol20ha74gf8Lkavw6GkZXxGqYVVE_llSuSTAvssUgb27qp2GvEKcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADUE5ymkyr1Wtez811-2TneJygKFEdqBknciOTnEZNymAzzxpEYNlIyiiFko_pgsdWOkXKIJxIlbSIjeRgB%26sig%3DAOD64_3Jbp-77ymr6LVEXTklJ3betJEWoA%26client%3Dca-pub-2805726716437986%26dbm_c%3DAKAmf-C-6gV9gPU6ok4ZXJ7E99QZ7hhGrNNTFZ5WAzAYZo3PVlVJ6VM77e5Ww8hcJsFFNeXtmLrUEnJLVk5-f17yH6m8L-OlvmnXivqzTVkf1VdCBikbZUB9kXk02pcsJg5NZdndhwgDU5lgXIRTWhtZuNzhXqjqtlufnCdQuZ_ilJ0o4g7eNsk%26cry%3D1%26dbm_d%3DAKAmf-CM8DWytZ4YKQWfiI7LHFzBIRQBVFyjrsGt-Jf1mu9EhNYPxakyfZVBLrDtq6-6KqU7KIAm7704W7waf-WNBfdC9Ebm5P1x5dJA0h0QgeAcH9SzGY8EZhs6daeYjO4v7_hBCu2tok6ScnyWoMN220HARRzAbExfubWAshOBiZqabVuxZbDJAlhjBs5880y6ABWn72T5RVs9kAfQLOsDJaUcQf16TZfZqPS4LHs3MSIL6fTsgUSEArsjzMLPQgkraR8YIGsz4djoDuRf5C5rkJZeHnBjJHdgxKGO4rO2Q08tNP08eJC8zHItJaZ7VroIORTysGbzdbATJVAkCbCPx15--yK9m32J2FxuYA0seesggaOsQSy5a0syPPPfuzFJnm7yE9nOiuoILYJW0yDL_c4pzPWNwOwRUU2D78ZtItafgzN18BY7BsDl9jvy5aYppweP4kGyuSHL0Eu5nEkONX6zj5wfVbjteONAkCi_1udCXaw9os7zTNTC8nxYESAdL2H4QGNcEtOL7v4NsuZljYWvQXdnmTWRT0PRsv_YOeGi6zFtPGI%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=240&adk=4155752550&adf=1052737194&pi=t.aa~a.3654940567~rp.4&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&to=qs&pwprc=5454045727&format=279x240&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496828&bpp=1&bdt=1730&idt=1&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe790d84a82624dc-225380ba45dd0009%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew&gpic=UID%3D00000bc125e457ae%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600%2C279x600&nras=2&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=4393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=aNm17ttfsZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e16a4fd4512799598b1e54d8acac4e04c1d409fdac1b503f0428dfc1581feb5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 02:34:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4090
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/11164271764590395786/ Frame F3C1 39 KB
39 KB 30ms
28ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11164271764590395786/2076313506083323656

Requested by

Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f0cea3336f5fe215b0d98439e20a016aa1950cd0693106a5e24d73e90384a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 05:47:29 GMT
x-content-type-options: nosniff
age: 247648
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40209
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 12:28:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Mar 2024 05:47:29 GMT

GET
DATA 200
OK truncated
/ Frame F3C1 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F3C1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1e55fc2a7602837530109b0aa0d6a800ddde5a71e1af15b24e21dea5159f726

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F3C1 0
18 B 67ms
59ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-zd20KIGZJfjEcWjx_APjtKl6Am8quuRb4_h6syXEZ7gwISGAhABIOrGjYEBYJWCgICsB6AB48OgrSnIAQmpAp_78Q7y6bE-qAMByAPLBKoE9QFP0BZaY1oGvl9RxoykVHB0R4dCSBS8MkmfOSDes8wszOSV3JgCAPXmwC_JqN07Z_IVTpiHV2dSh2PbfeONLfCUE4jtvI7BYTtkZLfN3JeOS5spnkCFW0Jlvz5A6oZjvwRHLVUQg0--ir3PZfY7W6W8siBaWr5MLlOFlgx1VbrPRKCfc9LQTQfxixDwy7iPkGoug9SaEcPR-Sh660S9auecTSR0yfra74b2Zj4Vh9dsPZn3gbaPXMQ2nVs9pDbUW3IkBwajxdNUpWLGKMav6h38NRf-vzejR5OBVVviEcyvnC5qw1ieKY8_EJncdvdm3afuf7aZE8AE_ZqggJsEkgUECAQYAZIFBAgFGASgBi6AB-P78IwEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQkDXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwrQFQGAFwGyFxwKGggAEhRwdWItMjgwNTcyNjcxNjQzNzk4NhgA&sigh=YVgvBjV3MfM&uach_m=[UACH]&cid=CAQSGwDUE5ymd0zyFRBe59FQOZYmlTvcp_6fhr8c9hgB&template_id=484&vis=1

Requested by

Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Mar 2023 02:34:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 / Show response
mayvesinhmienbac.com.vn/ 482 B
750 B 911ms
910ms XHR
application/json 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL

https://mayvesinhmienbac.com.vn/?wc-ajax=get_refreshed_fragments

Requested by

Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),

Reverse DNS

Software

LiteSpeed / PHP/7.3.30

Resource Hash

cc1ab02e733ad8277b5dee7d996615082cd4606fe96d8b148c944f4d2f0e4952

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://mayvesinhmienbac.com.vn/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 07 Mar 2023 02:34:58 GMT
x-content-type-options: nosniff
server: LiteSpeed
x-powered-by: PHP/7.3.30
vary: User-Agent
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://mayvesinhmienbac.com.vn
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-litespeed-tag: 26c_HTTP.200,26c_HTTP.200
x-robots-tag: noindex
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 482
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame A3E6 36 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 22:12:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 393A 143 B
166 B 14ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 138F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
33ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:58 GMT
expires: Tue, 07 Mar 2023 02:34:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame CC6C 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 22:12:28 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4FED 22 KB
8 KB 55ms
52ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 573933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 11:09:24 GMT
expires: Wed, 28 Feb 2024 11:09:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900012.redintelligence.net/ Frame FD16
Redirect Chain

https://hal900012.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=52a991e2a1&subid=&uid=8426546f3311e05f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900012.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=52a991e2a1&subid=&uid=8426546f3311e05f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

115ms
83ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=52a991e2a1&subid=&uid=8426546f3311e05f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdG8D0KIGZOSkNci1gQfopaeoBablvaBppZGcp8kP8C4QASDqxo2BAWCVgoCArAfIAQmpAkUmxbd06bE-qAMBqgSCAk_QBpfBdIFIoiaYPlv95A-LG10zE7rMXpqKHzFkwO_hJv0Pv81qLW4arKxLVCOHJU_A9hW-7CmaqDHrHUyO4N4dSnFfp_Abn0sts7Nso5LOeti7ns8a-jftuh-dxPKIgaMXRqFP8A_zFTUs9qeFQU36suD5MzCh--m9IJmd_NBVvS5LKvkHWq93VddIjJeI0ebZpPCgYivo9N3ONN4LpRq6YTz-xAMz8y64o10N67WAiL6i_zoOH3doYxdxWsFge3uLPgBzowh9J9JPa-WizVFyVvk-q70mpvOcC-Ol20ha74gf8Lkavw6GkZXxGqYVVE_llSuSTAvssUgb27qp2GvEKcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADUE5ymkyr1Wtez811-2TneJygKFEdqBknciOTnEZNymAzzxpEYNlIyiiFko_pgsdWOkXKIJxIlbSIjeRgB%26sig%3DAOD64_3Jbp-77ymr6LVEXTklJ3betJEWoA%26client%3Dca-pub-2805726716437986%26dbm_c%3DAKAmf-C-6gV9gPU6ok4ZXJ7E99QZ7hhGrNNTFZ5WAzAYZo3PVlVJ6VM77e5Ww8hcJsFFNeXtmLrUEnJLVk5-f17yH6m8L-OlvmnXivqzTVkf1VdCBikbZUB9kXk02pcsJg5NZdndhwgDU5lgXIRTWhtZuNzhXqjqtlufnCdQuZ_ilJ0o4g7eNsk%26cry%3D1%26dbm_d%3DAKAmf-CM8DWytZ4YKQWfiI7LHFzBIRQBVFyjrsGt-Jf1mu9EhNYPxakyfZVBLrDtq6-6KqU7KIAm7704W7waf-WNBfdC9Ebm5P1x5dJA0h0QgeAcH9SzGY8EZhs6daeYjO4v7_hBCu2tok6ScnyWoMN220HARRzAbExfubWAshOBiZqabVuxZbDJAlhjBs5880y6ABWn72T5RVs9kAfQLOsDJaUcQf16TZfZqPS4LHs3MSIL6fTsgUSEArsjzMLPQgkraR8YIGsz4djoDuRf5C5rkJZeHnBjJHdgxKGO4rO2Q08tNP08eJC8zHItJaZ7VroIORTysGbzdbATJVAkCbCPx15--yK9m32J2FxuYA0seesggaOsQSy5a0syPPPfuzFJnm7yE9nOiuoILYJW0yDL_c4pzPWNwOwRUU2D78ZtItafgzN18BY7BsDl9jvy5aYppweP4kGyuSHL0Eu5nEkONX6zj5wfVbjteONAkCi_1udCXaw9os7zTNTC8nxYESAdL2H4QGNcEtOL7v4NsuZljYWvQXdnmTWRT0PRsv_YOeGi6zFtPGI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2805726716437986%26output%3Dhtml%26h%3D240%26adk%3D4155752550%26adf%3D1052737194%26pi%3Dt.aa~a.3654940567~rp.4%26w%3D279%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678156496%26rafmt%3D1%26to%3Dqs%26pwprc%3D5454045727%26format%3D279x240%26url%3Dhttps%253A%252F%252Fmayvesinhmienbac.com.vn%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678156496828%26bpp%3D1%26bdt%3D1730%26idt%3D1%26shv%3Dr20230302%26mjsv%3Dm202302230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dfe790d84a82624dc-225380ba45dd0009%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew%26gpic%3DUID%253D00000bc125e457ae%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA%26prev_fmts%3D711x271%252C0x0%252C711x271%252C279x600%252C279x600%252C279x600%26nras%3D2%26correlator%3D5361503642787%26frm%3D20%26pv%3D1%26ga_vid%3D690880222.1678156496%26ga_sid%3D1678156496%26ga_hid%3D242060656%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1046%26ady%3D4393%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44777876%252C44759842%252C31072714%26oid%3D2%26pvsid%3D125920033919632%26tmod%3D1687010401%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3DaNm17ttfsZ%26p%3Dhttps%253A%2F%2Fmayvesinhmienbac.com.vn%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fmayvesinhmienbac.com.vn&random=3042352052094&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=240&adk=4155752550&adf=1052737194&pi=t.aa~a.3654940567~rp.4&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&to=qs&pwprc=5454045727&format=279x240&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496828&bpp=1&bdt=1730&idt=1&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe790d84a82624dc-225380ba45dd0009%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew&gpic=UID%3D00000bc125e457ae%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600%2C279x600&nras=2&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=4393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=aNm17ttfsZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=14
Protocol: HTTP/1.1
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: b1351e9c32cca2207b3d3d41457349ce514ca9d6eafc626c0b291c596dbb0b89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 02:34:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 92521700008260104444992012256012
Connection: close
Content-Length: 1132
Expires: Tue, 07 Mar 2023 02:34:58 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 02:34:58 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=52a991e2a1&subid=&uid=8426546f3311e05f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdG8D0KIGZOSkNci1gQfopaeoBablvaBppZGcp8kP8C4QASDqxo2BAWCVgoCArAfIAQmpAkUmxbd06bE-qAMBqgSCAk_QBpfBdIFIoiaYPlv95A-LG10zE7rMXpqKHzFkwO_hJv0Pv81qLW4arKxLVCOHJU_A9hW-7CmaqDHrHUyO4N4dSnFfp_Abn0sts7Nso5LOeti7ns8a-jftuh-dxPKIgaMXRqFP8A_zFTUs9qeFQU36suD5MzCh--m9IJmd_NBVvS5LKvkHWq93VddIjJeI0ebZpPCgYivo9N3ONN4LpRq6YTz-xAMz8y64o10N67WAiL6i_zoOH3doYxdxWsFge3uLPgBzowh9J9JPa-WizVFyVvk-q70mpvOcC-Ol20ha74gf8Lkavw6GkZXxGqYVVE_llSuSTAvssUgb27qp2GvEKcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADUE5ymkyr1Wtez811-2TneJygKFEdqBknciOTnEZNymAzzxpEYNlIyiiFko_pgsdWOkXKIJxIlbSIjeRgB%26sig%3DAOD64_3Jbp-77ymr6LVEXTklJ3betJEWoA%26client%3Dca-pub-2805726716437986%26dbm_c%3DAKAmf-C-6gV9gPU6ok4ZXJ7E99QZ7hhGrNNTFZ5WAzAYZo3PVlVJ6VM77e5Ww8hcJsFFNeXtmLrUEnJLVk5-f17yH6m8L-OlvmnXivqzTVkf1VdCBikbZUB9kXk02pcsJg5NZdndhwgDU5lgXIRTWhtZuNzhXqjqtlufnCdQuZ_ilJ0o4g7eNsk%26cry%3D1%26dbm_d%3DAKAmf-CM8DWytZ4YKQWfiI7LHFzBIRQBVFyjrsGt-Jf1mu9EhNYPxakyfZVBLrDtq6-6KqU7KIAm7704W7waf-WNBfdC9Ebm5P1x5dJA0h0QgeAcH9SzGY8EZhs6daeYjO4v7_hBCu2tok6ScnyWoMN220HARRzAbExfubWAshOBiZqabVuxZbDJAlhjBs5880y6ABWn72T5RVs9kAfQLOsDJaUcQf16TZfZqPS4LHs3MSIL6fTsgUSEArsjzMLPQgkraR8YIGsz4djoDuRf5C5rkJZeHnBjJHdgxKGO4rO2Q08tNP08eJC8zHItJaZ7VroIORTysGbzdbATJVAkCbCPx15--yK9m32J2FxuYA0seesggaOsQSy5a0syPPPfuzFJnm7yE9nOiuoILYJW0yDL_c4pzPWNwOwRUU2D78ZtItafgzN18BY7BsDl9jvy5aYppweP4kGyuSHL0Eu5nEkONX6zj5wfVbjteONAkCi_1udCXaw9os7zTNTC8nxYESAdL2H4QGNcEtOL7v4NsuZljYWvQXdnmTWRT0PRsv_YOeGi6zFtPGI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2805726716437986%26output%3Dhtml%26h%3D240%26adk%3D4155752550%26adf%3D1052737194%26pi%3Dt.aa~a.3654940567~rp.4%26w%3D279%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678156496%26rafmt%3D1%26to%3Dqs%26pwprc%3D5454045727%26format%3D279x240%26url%3Dhttps%253A%252F%252Fmayvesinhmienbac.com.vn%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678156496828%26bpp%3D1%26bdt%3D1730%26idt%3D1%26shv%3Dr20230302%26mjsv%3Dm202302230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dfe790d84a82624dc-225380ba45dd0009%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew%26gpic%3DUID%253D00000bc125e457ae%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA%26prev_fmts%3D711x271%252C0x0%252C711x271%252C279x600%252C279x600%252C279x600%26nras%3D2%26correlator%3D5361503642787%26frm%3D20%26pv%3D1%26ga_vid%3D690880222.1678156496%26ga_sid%3D1678156496%26ga_hid%3D242060656%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1046%26ady%3D4393%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44777876%252C44759842%252C31072714%26oid%3D2%26pvsid%3D125920033919632%26tmod%3D1687010401%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3DaNm17ttfsZ%26p%3Dhttps%253A%2F%2Fmayvesinhmienbac.com.vn%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fmayvesinhmienbac.com.vn&random=3042352052094&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 07 Mar 2023 02:34:58 +0100

GET
H2 200 Thap-giai-nhiet-yp-400x800-002.jpg
yenphat.com/wp-content/uploads/2023/02/ 248 KB
248 KB 238ms
236ms Image
image/jpeg 103.75.185.69
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yenphat.com/wp-content/uploads/2023/02/Thap-giai-nhiet-yp-400x800-002.jpg
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.75.185.69 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cd3ebef39995f80cb719e8d6c3687476caef99a7278e17415125d0a5ef581e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:58 GMT
last-modified: Tue, 07 Feb 2023 04:12:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: max-age=2629000, public
accept-ranges: bytes
content-length: 253664
expires: Tue, 14 Mar 2023 02:34:58 GMT

GET
H2 200 Xe-quet-rac-yp-400x800-001.jpg
yenphat.com/wp-content/uploads/2023/02/ 172 KB
172 KB 950ms
949ms Image
image/jpeg 103.75.185.69
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yenphat.com/wp-content/uploads/2023/02/Xe-quet-rac-yp-400x800-001.jpg
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.75.185.69 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 31b0ec13f05fd6f5ae3b96abab80693f17a2d1c360ec4edd7ac3975db6becf1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:58 GMT
last-modified: Tue, 07 Feb 2023 04:11:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: max-age=2629000, public
accept-ranges: bytes
content-length: 176036
expires: Tue, 14 Mar 2023 02:34:58 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 393A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
26ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:58 GMT
expires: Tue, 07 Mar 2023 02:34:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame F9F5 36 KB
14 KB 40ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 22:12:28 GMT

POST
H2 200 / Show response
mayvesinhmienbac.com.vn/track-banner/ 44 B
163 B 1571ms
1563ms XHR
text/html 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mayvesinhmienbac.com.vn/track-banner/
Requested by: Host: yenphat.com
URL: https://yenphat.com/scripts/banner.min.js?ver=1881123480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.3.30
Resource Hash: 0b252e9ad8307e40e5f114519473798912f65a90a3c49b6b97b0b14f0344cf4c

Request headers

Referer: https://mayvesinhmienbac.com.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 07 Mar 2023 02:34:59 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.30
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
x-litespeed-tag: 26c_HTTP.200
link: <https://mayvesinhmienbac.com.vn/wp-json/>; rel="https://api.w.org/"
content-length: 45
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 60F6 42 B
64 B 127ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSr7HFwVtN2wMu767A17fiQqI7sdYMDJR1Cd5xkd-xFc2Yy7jcLwCUVu7v6-2Velocd-BvZ__ykTnKWlYnVjtbEBJ5ypYHJKiGBJl-uZTNN159l_WHsUgeGTEJz2lQE_nrpINqcA&sai=AMfl-YSdZHB0EewBkfut_Fe_HR1uNLWqUVi_jiNlvlT4c8hpmxF9M4wMQKA2QYjn7YkstEslxsfFw9ar4O6h&sig=Cg0ArKJSzG7FrhBkjgIBEAE&cid=CAQSGwDUE5ymCxrYGlH9-I8skLuspb0oMQslwNOI0xgB&id=lidar2&mcvt=1057&p=0,0,204,711&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=14&adk=3450033336&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678156496226&rpt=792&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FED 36 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 22:12:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D5A4 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGrDJXcQ5Qvm-hJCFdCBz8d1_1GxS7PVnxzGNMMZ_qZDXHPSeWzUXo4Nxqyfm51vJaufeBeMfQFyY28nA1K_NzFBHXyDPy1N5-qupuh1aal6LKCkKWE8NGA3OQpyx6hxRhakh56HT8DFSafcA4B-dAfw1z9OGxSxvDHob4YtCVzpACvMXsClEGEISoL583oNcbrb3xHeTprnPB3HlNmP513NsX9TwFJuKzqBHIShR_OqaYFMU800dR6Gp61JolPQdwkJTNE4YHqZp2-_ZARJdMdgf_YXNKf4xoAYNhEYLcPgDTUG-ghoDpTVAfpIAsq6a66rr8l4aNBeSu2zSncg-IbakrK4uUES8ujj7Z6YdcPUqlNMyA8XsBtZolooWlQ9oJxa_jXCqs9osK8ovhURiXN3VTc-r9EAtrZ1oIa_iTTlFBi2X46DdeCCbn6gITNv77cKDphfxFYESZoti2pehAbszvOZWFcaT44XrCdVut7oG04gbhHAwt1TL2iWG_si3DBX9Tvlw1KgDTxwkKLpY8y61no3kMTO5bsQF24YH7l1KeqJ_lfFf8BSId4di9A_DQZPlOsEeqWFpzWORLv0hVDdAiWVlwAlWJukdkqzXW_TMeWfVPRbB10x3-lU9R3yMKiLmeiPrn3hE0t10mPKzMmownjBjAheHdHYMgRSOdjxJgstehbJ2mlHfl_1lvtM4vrQaLG06FNKrtusPAybWWjCqnZf0Nh6pNBskD7hgR_Aj3NAmNGDXmVeesvp2IqUuzzmfYLaI5LxCi97BBeoMDUrGHl47uADKOTzQcwo189d5iaZYH_BIPL9DhsPyB29enjlBeP1GWbGxnXf8dqBb9flM360LuDT8L3e4-vqZv6sIaUCBCZjCP1Gj4_1FNVVTxT5ZThuH8U-qcPBtZCY25DXBAu7puHsokB7Yw1uJ7isJJ6zNamk72SpA7TJeoEhopoZVvyEej7FARrAQ&sai=AMfl-YSHPvEW3T5HWV72ZlcXvQ9jm4lPGS0bVRX-kWEdHDtB39oSF0avi_Sc1VFoRdZfDh7zqobiF_wrVkbGsegFpEPGCPOhkVgAvA&sig=Cg0ArKJSzJGl_2yCi3M1EAE&cid=CAQSGwDUE5ymMK1hmMbBSYoPFs2dD5qY5pjdxqYvfxgB&id=lidar2&mcvt=1077&p=0,0,600,279&mtos=1077,1077,1077,1077,1077&tos=1077,0,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1304420653&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678156496288&rpt=843&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame 72F0 930 B
931 B 61ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=52a991e2a1&subid=&uid=8426546f3311e05f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdG8D0KIGZOSkNci1gQfopaeoBablvaBppZGcp8kP8C4QASDqxo2BAWCVgoCArAfIAQmpAkUmxbd06bE-qAMBqgSCAk_QBpfBdIFIoiaYPlv95A-LG10zE7rMXpqKHzFkwO_hJv0Pv81qLW4arKxLVCOHJU_A9hW-7CmaqDHrHUyO4N4dSnFfp_Abn0sts7Nso5LOeti7ns8a-jftuh-dxPKIgaMXRqFP8A_zFTUs9qeFQU36suD5MzCh--m9IJmd_NBVvS5LKvkHWq93VddIjJeI0ebZpPCgYivo9N3ONN4LpRq6YTz-xAMz8y64o10N67WAiL6i_zoOH3doYxdxWsFge3uLPgBzowh9J9JPa-WizVFyVvk-q70mpvOcC-Ol20ha74gf8Lkavw6GkZXxGqYVVE_llSuSTAvssUgb27qp2GvEKcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADUE5ymkyr1Wtez811-2TneJygKFEdqBknciOTnEZNymAzzxpEYNlIyiiFko_pgsdWOkXKIJxIlbSIjeRgB%26sig%3DAOD64_3Jbp-77ymr6LVEXTklJ3betJEWoA%26client%3Dca-pub-2805726716437986%26dbm_c%3DAKAmf-C-6gV9gPU6ok4ZXJ7E99QZ7hhGrNNTFZ5WAzAYZo3PVlVJ6VM77e5Ww8hcJsFFNeXtmLrUEnJLVk5-f17yH6m8L-OlvmnXivqzTVkf1VdCBikbZUB9kXk02pcsJg5NZdndhwgDU5lgXIRTWhtZuNzhXqjqtlufnCdQuZ_ilJ0o4g7eNsk%26cry%3D1%26dbm_d%3DAKAmf-CM8DWytZ4YKQWfiI7LHFzBIRQBVFyjrsGt-Jf1mu9EhNYPxakyfZVBLrDtq6-6KqU7KIAm7704W7waf-WNBfdC9Ebm5P1x5dJA0h0QgeAcH9SzGY8EZhs6daeYjO4v7_hBCu2tok6ScnyWoMN220HARRzAbExfubWAshOBiZqabVuxZbDJAlhjBs5880y6ABWn72T5RVs9kAfQLOsDJaUcQf16TZfZqPS4LHs3MSIL6fTsgUSEArsjzMLPQgkraR8YIGsz4djoDuRf5C5rkJZeHnBjJHdgxKGO4rO2Q08tNP08eJC8zHItJaZ7VroIORTysGbzdbATJVAkCbCPx15--yK9m32J2FxuYA0seesggaOsQSy5a0syPPPfuzFJnm7yE9nOiuoILYJW0yDL_c4pzPWNwOwRUU2D78ZtItafgzN18BY7BsDl9jvy5aYppweP4kGyuSHL0Eu5nEkONX6zj5wfVbjteONAkCi_1udCXaw9os7zTNTC8nxYESAdL2H4QGNcEtOL7v4NsuZljYWvQXdnmTWRT0PRsv_YOeGi6zFtPGI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2805726716437986%26output%3Dhtml%26h%3D240%26adk%3D4155752550%26adf%3D1052737194%26pi%3Dt.aa~a.3654940567~rp.4%26w%3D279%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678156496%26rafmt%3D1%26to%3Dqs%26pwprc%3D5454045727%26format%3D279x240%26url%3Dhttps%253A%252F%252Fmayvesinhmienbac.com.vn%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678156496828%26bpp%3D1%26bdt%3D1730%26idt%3D1%26shv%3Dr20230302%26mjsv%3Dm202302230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dfe790d84a82624dc-225380ba45dd0009%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew%26gpic%3DUID%253D00000bc125e457ae%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA%26prev_fmts%3D711x271%252C0x0%252C711x271%252C279x600%252C279x600%252C279x600%26nras%3D2%26correlator%3D5361503642787%26frm%3D20%26pv%3D1%26ga_vid%3D690880222.1678156496%26ga_sid%3D1678156496%26ga_hid%3D242060656%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1046%26ady%3D4393%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44777876%252C44759842%252C31072714%26oid%3D2%26pvsid%3D125920033919632%26tmod%3D1687010401%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3DaNm17ttfsZ%26p%3Dhttps%253A%2F%2Fmayvesinhmienbac.com.vn%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fmayvesinhmienbac.com.vn&random=3042352052094&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 07 Mar 2023 02:34:58 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 14 Mar 2023 02:34:58 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame FD16 2 KB
2 KB 122ms
62ms Script
text/html 35.177.30.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=92521700008260104444992012256012&nw=1
Requested by: Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.30.54 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-30-54.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 42d4544887da4fcbb609fabff16ae607a733277a23976ae76ed1f22374ed345d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:58 GMT
last-modified: Tue, 07 Mar 2023 02:34:58 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 07 Mar 2023 02:35:58 GMT

GET
H2

200

activityi;dc_pre=COH514_kyP0CFQng1QodaIEIZw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3087761564305.6157 Show response
5994599.fls.doubleclick.net/ Frame 9339
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3087761564305.6157?
https://5994599.fls.doubleclick.net/activityi;dc_pre=COH514_kyP0CFQng1QodaIEIZw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3087761564305.6157?

392 B
324 B

48ms
47ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=COH514_kyP0CFQng1QodaIEIZw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3087761564305.6157?

Requested by

Host: mayvesinhmienbac.com.vn
URL: https://mayvesinhmienbac.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

0f34a4412d5960aaf78e132d290e404cb8fb25ed68d8c0032a7ea124809545b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:58 GMT
expires: Tue, 07 Mar 2023 02:34:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=COH514_kyP0CFQng1QodaIEIZw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3087761564305.6157?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame 63BB 6 KB
2 KB 38ms
15ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=92521700008260104444992012256012&a=42d28485
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=52a991e2a1&subid=&uid=8426546f3311e05f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdG8D0KIGZOSkNci1gQfopaeoBablvaBppZGcp8kP8C4QASDqxo2BAWCVgoCArAfIAQmpAkUmxbd06bE-qAMBqgSCAk_QBpfBdIFIoiaYPlv95A-LG10zE7rMXpqKHzFkwO_hJv0Pv81qLW4arKxLVCOHJU_A9hW-7CmaqDHrHUyO4N4dSnFfp_Abn0sts7Nso5LOeti7ns8a-jftuh-dxPKIgaMXRqFP8A_zFTUs9qeFQU36suD5MzCh--m9IJmd_NBVvS5LKvkHWq93VddIjJeI0ebZpPCgYivo9N3ONN4LpRq6YTz-xAMz8y64o10N67WAiL6i_zoOH3doYxdxWsFge3uLPgBzowh9J9JPa-WizVFyVvk-q70mpvOcC-Ol20ha74gf8Lkavw6GkZXxGqYVVE_llSuSTAvssUgb27qp2GvEKcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADUE5ymkyr1Wtez811-2TneJygKFEdqBknciOTnEZNymAzzxpEYNlIyiiFko_pgsdWOkXKIJxIlbSIjeRgB%26sig%3DAOD64_3Jbp-77ymr6LVEXTklJ3betJEWoA%26client%3Dca-pub-2805726716437986%26dbm_c%3DAKAmf-C-6gV9gPU6ok4ZXJ7E99QZ7hhGrNNTFZ5WAzAYZo3PVlVJ6VM77e5Ww8hcJsFFNeXtmLrUEnJLVk5-f17yH6m8L-OlvmnXivqzTVkf1VdCBikbZUB9kXk02pcsJg5NZdndhwgDU5lgXIRTWhtZuNzhXqjqtlufnCdQuZ_ilJ0o4g7eNsk%26cry%3D1%26dbm_d%3DAKAmf-CM8DWytZ4YKQWfiI7LHFzBIRQBVFyjrsGt-Jf1mu9EhNYPxakyfZVBLrDtq6-6KqU7KIAm7704W7waf-WNBfdC9Ebm5P1x5dJA0h0QgeAcH9SzGY8EZhs6daeYjO4v7_hBCu2tok6ScnyWoMN220HARRzAbExfubWAshOBiZqabVuxZbDJAlhjBs5880y6ABWn72T5RVs9kAfQLOsDJaUcQf16TZfZqPS4LHs3MSIL6fTsgUSEArsjzMLPQgkraR8YIGsz4djoDuRf5C5rkJZeHnBjJHdgxKGO4rO2Q08tNP08eJC8zHItJaZ7VroIORTysGbzdbATJVAkCbCPx15--yK9m32J2FxuYA0seesggaOsQSy5a0syPPPfuzFJnm7yE9nOiuoILYJW0yDL_c4pzPWNwOwRUU2D78ZtItafgzN18BY7BsDl9jvy5aYppweP4kGyuSHL0Eu5nEkONX6zj5wfVbjteONAkCi_1udCXaw9os7zTNTC8nxYESAdL2H4QGNcEtOL7v4NsuZljYWvQXdnmTWRT0PRsv_YOeGi6zFtPGI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2805726716437986%26output%3Dhtml%26h%3D240%26adk%3D4155752550%26adf%3D1052737194%26pi%3Dt.aa~a.3654940567~rp.4%26w%3D279%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678156496%26rafmt%3D1%26to%3Dqs%26pwprc%3D5454045727%26format%3D279x240%26url%3Dhttps%253A%252F%252Fmayvesinhmienbac.com.vn%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678156496828%26bpp%3D1%26bdt%3D1730%26idt%3D1%26shv%3Dr20230302%26mjsv%3Dm202302230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dfe790d84a82624dc-225380ba45dd0009%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew%26gpic%3DUID%253D00000bc125e457ae%253AT%253D1678156496%253ART%253D1678156496%253AS%253DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA%26prev_fmts%3D711x271%252C0x0%252C711x271%252C279x600%252C279x600%252C279x600%26nras%3D2%26correlator%3D5361503642787%26frm%3D20%26pv%3D1%26ga_vid%3D690880222.1678156496%26ga_sid%3D1678156496%26ga_hid%3D242060656%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1046%26ady%3D4393%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44777876%252C44759842%252C31072714%26oid%3D2%26pvsid%3D125920033919632%26tmod%3D1687010401%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3DaNm17ttfsZ%26p%3Dhttps%253A%2F%2Fmayvesinhmienbac.com.vn%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fmayvesinhmienbac.com.vn&random=3042352052094&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: b3a99394d944c149e02b4fa0b65d562f559fb0c158933b831513a48315fec1c5

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1872
Content-Type: text/html; charset=utf-8
Date: Tue, 07 Mar 2023 02:34:58 GMT
Expires: Tue, 07 Mar 2023 02:34:58 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C065 1 KB
643 B 16ms
14ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Tue, 07 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FD16 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f873e2fd2ba9e7dc59eafd821c68fded22acc1938dd542f263cbf95757a081c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 63BB 4 KB
651 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=92521700008260104444992012256012&a=42d28485

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 02:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 02:27:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 02:34:58 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 63BB 57 KB
57 KB 156ms
124ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=92521700008260104444992012256012&a=42d28485
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 157c18d0e0458d3ba10cdbb997c27916ac7df1e43a00eb0b8331486321aac650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 02:34:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 57935
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame C065 0
104 B 216ms
26ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKBp6AwnZItMVBQboVDoyhs&google_cver=1&google_push=Aa02lx9uoeiOAfPEZQ-4LjqFkf7htR8kNJvJSpGKdeYxMl6rrBlAzBDPSdTGQVlvvTbQZ3KY0PSqqQpcaPlr_dmRmLvSAVaVBcAqqmU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=240&adk=4155752550&adf=1052737194&pi=t.aa~a.3654940567~rp.4&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&to=qs&pwprc=5454045727&format=279x240&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496828&bpp=1&bdt=1730&idt=1&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe790d84a82624dc-225380ba45dd0009%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew&gpic=UID%3D00000bc125e457ae%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600%2C279x600&nras=2&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=4393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=aNm17ttfsZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C065
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDoi-8N6drC4d0WScAX2RkI&google_cver=1&google_push=Aa02lx977itK82OM8KUBN5OWnDHKfqGpaP5DbIz7vcvT1JOU6gL6AWx0TP7Yj4AuJOagijxj2txE1u7e-XH6WYcw8Vyz7Uoqd5J9B...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDoi-8N6drC4d0WScAX2RkI&google_cver=1&google_push=Aa02lx977itK82OM8KUBN5OWnDHKfqGpaP5DbIz7vcvT1JOU6gL6AWx0TP7Yj4AuJOagijxj2txE1u7e-XH6WYcw8Vyz7Uoqd5J...

43 B
414 B

173ms
154ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDoi-8N6drC4d0WScAX2RkI&google_cver=1&google_push=Aa02lx977itK82OM8KUBN5OWnDHKfqGpaP5DbIz7vcvT1JOU6gL6AWx0TP7Yj4AuJOagijxj2txE1u7e-XH6WYcw8Vyz7Uoqd5J9BCM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx977itK82OM8KUBN5OWnDHKfqGpaP5DbIz7vcvT1JOU6gL6AWx0TP7Yj4AuJOagijxj2txE1u7e-XH6WYcw8Vyz7Uoqd5J9BCM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a3f71449da23a67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 279
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDoi-8N6drC4d0WScAX2RkI&google_cver=1&google_push=Aa02lx977itK82OM8KUBN5OWnDHKfqGpaP5DbIz7vcvT1JOU6gL6AWx0TP7Yj4AuJOagijxj2txE1u7e-XH6WYcw8Vyz7Uoqd5J9BCM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx977itK82OM8KUBN5OWnDHKfqGpaP5DbIz7vcvT1JOU6gL6AWx0TP7Yj4AuJOagijxj2txE1u7e-XH6WYcw8Vyz7Uoqd5J9BCM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a3f7142ecc63a67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C065
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKEKG4y4fVHZnHB-XQtREOc&google_cver=1&google_push=Aa02lx-2Y_GSg_RjZhiGqRRuozTwEJs9e9nPedeBNlotZy97EPK9XV5Y8JlpYplwUoqB8OMBO0NENz8FTKxafE6rjfCr...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKEKG4y4fVHZnHB-XQtREOc&google_cver=1&google_push=Aa02lx-2Y_GSg_RjZhiGqRRuozTwEJs9e9nPedeBNlotZy97EPK9XV5Y8JlpYplwUoqB8OMBO0NENz8FTKxafE...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-2Y_GSg_RjZhiGqRRuozTwEJs9e9nPedeBNlotZy97EPK9XV5Y8JlpYplwUoqB8OMBO0NENz8FTKxafE6rjfCrfanPv9T8z8s&google_hm=PzcyOhTlRgWhQbwJ9_P3...

170 B
188 B

27ms
26ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-2Y_GSg_RjZhiGqRRuozTwEJs9e9nPedeBNlotZy97EPK9XV5Y8JlpYplwUoqB8OMBO0NENz8FTKxafE6rjfCrfanPv9T8z8s&google_hm=PzcyOhTlRgWhQbwJ9_P3Zw==

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-2Y_GSg_RjZhiGqRRuozTwEJs9e9nPedeBNlotZy97EPK9XV5Y8JlpYplwUoqB8OMBO0NENz8FTKxafE6rjfCrfanPv9T8z8s&google_hm=PzcyOhTlRgWhQbwJ9_P3Zw==
date: Tue, 07 Mar 2023 02:34:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C065
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECnt1MR3YDsLmnXm07DUIVE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECnt1MR3YDsLmnXm07DUIVE&google_hm=ZAai0ekePU2q5OLn-4nLzQAACLIAAAAB&google_nid=index&google_push=Aa02lx-MRTZ_8iyqF_-X_l1mEnZoIIz10mo91...

170 B
188 B

30ms
24ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECnt1MR3YDsLmnXm07DUIVE&google_hm=ZAai0ekePU2q5OLn-4nLzQAACLIAAAAB&google_nid=index&google_push=Aa02lx-MRTZ_8iyqF_-X_l1mEnZoIIz10mo91eZgiPqz4yMbTA609-78bJQlz6yCCLf_4p01mDSlkWqna-UlZXA4NusQZTp980YExonN

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 02:34:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECnt1MR3YDsLmnXm07DUIVE&google_hm=ZAai0ekePU2q5OLn-4nLzQAACLIAAAAB&google_nid=index&google_push=Aa02lx-MRTZ_8iyqF_-X_l1mEnZoIIz10mo91eZgiPqz4yMbTA609-78bJQlz6yCCLf_4p01mDSlkWqna-UlZXA4NusQZTp980YExonN
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C065
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEILBtrA2T63WBINZRjywW8M&google_cver=1&google_push=Aa02lx_WhkVh9JlosZx9JHcDy2RJhMRFnMkxTLVzdcTCZ_UfVGF8QzVj28xVImc_M9R89soFZF4HQnM6YYpoQyxKso-czCDkBM...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_WhkVh9JlosZx9JHcDy2RJhMRFnMkxTLVzdcTCZ_UfVGF8QzVj28xVImc_M9R89soFZF4HQnM6YYpoQyxKso-czCDkBMB...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUwMzkwMDA4MzQzNDQ0ODQxNjk5NA%3D%3D&google_push=Aa02lx_WhkVh9JlosZx9JHcDy2RJhMRFnMkxTLVzdcTCZ_UfVGF8QzVj...

170 B
188 B

25ms
25ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUwMzkwMDA4MzQzNDQ0ODQxNjk5NA%3D%3D&google_push=Aa02lx_WhkVh9JlosZx9JHcDy2RJhMRFnMkxTLVzdcTCZ_UfVGF8QzVj28xVImc_M9R89soFZF4HQnM6YYpoQyxKso-czCDkBMBgCgxv

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUwMzkwMDA4MzQzNDQ0ODQxNjk5NA%3D%3D&google_push=Aa02lx_WhkVh9JlosZx9JHcDy2RJhMRFnMkxTLVzdcTCZ_UfVGF8QzVj28xVImc_M9R89soFZF4HQnM6YYpoQyxKso-czCDkBMBgCgxv
date: Tue, 07 Mar 2023 02:34:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame C065 0
45 B 209ms
18ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDMOpequjKU_4qDOy4vvoqY&google_cver=1&google_push=Aa02lx84SKG0o4zr-WzM98TLxlg6uXTkHXQ5r8ijp_F4jmKs0zVAmQ55hunDi_s7j9FPAnJaNRR3H68fIwwKXLx9A1QNm4IisV9_8G8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=240&adk=4155752550&adf=1052737194&pi=t.aa~a.3654940567~rp.4&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&to=qs&pwprc=5454045727&format=279x240&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496828&bpp=1&bdt=1730&idt=1&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe790d84a82624dc-225380ba45dd0009%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew&gpic=UID%3D00000bc125e457ae%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600%2C279x600&nras=2&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=4393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=aNm17ttfsZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:57 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C065
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDOVnEo7dTOO6Nz0bel6azU&google_cver=1&google_push=Aa02lx9sm_HBqhq6W...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ3NTgxMjc5Njk4NzU2NzMxOA%3D%3D&google_gid=CAESEDOVnEo7dTOO6Nz0bel6azU&google_cver=1&google_push=Aa02lx9sm_HBqhq6WbE_RAJDcvFIgXUPZy...

170 B
188 B

32ms
26ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ3NTgxMjc5Njk4NzU2NzMxOA%3D%3D&google_gid=CAESEDOVnEo7dTOO6Nz0bel6azU&google_cver=1&google_push=Aa02lx9sm_HBqhq6WbE_RAJDcvFIgXUPZyHxmuGs2_1YKYnwTa5u2kudAjP9YZOwZlYL05rKX84pt2zl49zaLOyj2ZF5s6bFHs71aWoA

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 07 Mar 2023 02:34:58 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f7084c12-2774-422a-997f-eddf378cd7ce
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ3NTgxMjc5Njk4NzU2NzMxOA%3D%3D&google_gid=CAESEDOVnEo7dTOO6Nz0bel6azU&google_cver=1&google_push=Aa02lx9sm_HBqhq6WbE_RAJDcvFIgXUPZyHxmuGs2_1YKYnwTa5u2kudAjP9YZOwZlYL05rKX84pt2zl49zaLOyj2ZF5s6bFHs71aWoA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C065 0
12 B 25ms
22ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ICB4BpC6jWpLBDsu44K6LPXd3QE9QphUXOEnENTU_ViYtFhR-EvF78eqNHjC-z6NKpZJMMJQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 72F0 105 KB
41 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45b998ebd0118e7d0c25c17bd16cbd3406c95695095074d5c5d26e30983222e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41471
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 01:14:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Mar 2023 02:34:58 GMT

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame 63BB 0
150 B 68ms
18ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=92521700008260104444992012256012&a=87812d1b&vb=m
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=92521700008260104444992012256012&a=42d28485
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/request_content.php?s=92521700008260104444992012256012&a=42d28485
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 02:34:58 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 63BB 13 KB
13 KB 25ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900012.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:41:23 GMT
x-content-type-options: nosniff
age: 384815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:41:23 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 63BB 13 KB
13 KB 25ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900012.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 439562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:28:56 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame FD16 85 KB
31 KB 80ms
11ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=92521700008260104444992012256012&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 00:37:38 GMT
content-encoding: gzip
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 7041
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: G8CmEVtAkxKb8tmiBsi-NFmlw0XyIXidRp9x02SP8UyUdCPq56rQZw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame FD16 85 B
434 B 55ms
7ms Image
image/gif 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1678156798&Signature=EkQyrwp2GF-QcmAM48fSic1YVvfw6Hhufh7MrXLbujs9tkkdEn6UITzCPSrFrJwWI2hPoc2DVK7fyLrEd92tWzKvCzD7I3iCodCTfnqml3Ev7g7JRqK8XT0G6rg-8fKq1w6cxrMLFhKAe2XDBizlBwYM~Wzob7I-KSHZAEHcr~w0RyeR7aXIQBfIa96xaMwaC1wn1sGPmHpJLRu0G~ZLknl0ub26g5QSMUWr4e1alCC57aHqiG584fKOfvQ7Vn91q1gp3zmkgFcjHGSIvBunggCB18QXag-XHgyJgq81c4DUFhDK-IsavqheGmtIGnH~uE4CCT3zzEfQwxU9SfQdXQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805726716437986&output=html&h=240&adk=4155752550&adf=1052737194&pi=t.aa~a.3654940567~rp.4&w=279&fwrn=4&fwrnh=100&lmt=1678156496&rafmt=1&to=qs&pwprc=5454045727&format=279x240&url=https%3A%2F%2Fmayvesinhmienbac.com.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678156496828&bpp=1&bdt=1730&idt=1&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe790d84a82624dc-225380ba45dd0009%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew&gpic=UID%3D00000bc125e457ae%3AT%3D1678156496%3ART%3D1678156496%3AS%3DALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA&prev_fmts=711x271%2C0x0%2C711x271%2C279x600%2C279x600%2C279x600&nras=2&correlator=5361503642787&frm=20&pv=1&ga_vid=690880222.1678156496&ga_sid=1678156496&ga_hid=242060656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=4393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C31072714&oid=2&pvsid=125920033919632&tmod=1687010401&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=aNm17ttfsZ&p=https%3A//mayvesinhmienbac.com.vn&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 06 Mar 2023 04:57:37 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 77842
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: jjyM6V2C3tYrgs4tcb_1fxjrt9RacbFwO7HcaLYu_h-j-cp53gSL2A==

GET
H3 200 dc_pre=COH514_kyP0CFQng1QodaIEIZw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3087761564305.6157
adservice.google.com/ddm/fls/z/ Frame 9339 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COH514_kyP0CFQng1QodaIEIZw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3087761564305.6157

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COH514_kyP0CFQng1QodaIEIZw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3087761564305.6157?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 32ms
32ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230302&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cadc59c593a6367cdf0c70f384844884b4423ff45f02f515e03e589d66f90c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11277
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FED 0
20 B 92ms
86ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNi1-0aIGZP6eI9mNrASarZOgCgAAAAA4AeAEAg&bg=!nZ6lnsrNAAbv3-2Ez987ADkAdvg8WiXJ1-8SkscRcTtJyhWMzkRQt6L8JozwfRbGTfyWveQvFv_RjPIdTtFRntSuBAYZwfQxqU8CAAAA_lIAAAAEaAEHmQL3bmU5-El5VWfWA71cpfkqANY4cOw3kPHIgsXIaSMFUek6l0Ytw2n9Sxg5ToV8S9NYKNJLuhcah40SpVgDCbeLQVNZetb8tCVP1EyPNU8hZinAvhQEUdf7gQbEfc00iZlEjSKUzqEvCHhstBreTi9JqNrOoUjh0G6l-epvvURN-_2bs9oIgZTyaZxC5QsOoKM4Xb3hZci5LW8iVjqPIBvGeA0kgAizm9AQ0NotmhsCK9f4PgqkUfU8TvXw5AvpVvHEQXZl35XQmgzoWGTLD_dQMycF9lMcdN3b8nnfUkYAX0_wrn33qk-96lijTHJg80k06xNCj9QcH5npPs-roudUVWxor7pZ-k1D_CMrPYEAgrpDdzK8Du4fV3WUlcDwoMRU9aUyExb-0RLXKoJPegvzMsxiaGRsCrkrJt9YSXf7Cs7d8lENWWXs9sWAJUrpLQ8n63WzZJtE0GVFRHFUcsUUPh3-OPo8HjhutlDnsU-MwqMVF1EAgNjq7gnhdC6A8ixYoWlLb-X9YjV2P1JZxS3t1bTmtZPDlf6TaI0IVOl-cv18Knjulkn0lfJbIRNapy4IV3-chwokgy2C1ibRBqDZzwA8J02Aw2lePpkDGVzJmMs09Y2MzNGSgKv9sduazp7CMm0PX3U_jh56kUGTWj_trjsNnBNbL5_xtUWl8iD0C-P2CN7RrtxNUAJk6NFMgUXey0T_upMf0I2uaDRZp1ZLB87yuqb3tj7R1E5WGfk8M11tdwmv9i67d-NJ1K4W5jid2CxKGBjGx08ic5MOkeZ20vBazDOMB6pnwoeVRK_x3Ew2_chSihuaAlI8pTLUrjBQoVL1aN29BFbUSCTsS_32ZnlB5UcGgnyoEhCAlRIvuuJ0YbgdadnFIaWNoMpbOAcoLxVyway5Jzhc4o7qKPTYvqh0K33pRJPX2tgrrzLU3i4hf1GNRFA4mR3jt3paf7HuA8XFruoPpHQw-xQkUgcCx4X3euhgB2o4-RR7CAWvy3et74W_1SKb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 02:34:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 90F9 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 22:41:42 GMT
expires: Tue, 05 Mar 2024 22:41:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 97C1 783 B
533 B 27ms
26ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f95fd1f9ba6dcea7a09ab9aba0d129a9b952017a5f381aee91480a0bdfc93893

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A2Bozt7iIfrrdvwYmtw7RQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mayvesinhmienbac.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-A2Bozt7iIfrrdvwYmtw7RQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:34:58 GMT
expires: Tue, 07 Mar 2023 02:34:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 97C1 0
0 49ms
49ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230302&jk=125920033919632&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 90F9 36 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 22:12:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 90F9 0
12 B 16ms
15ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GpmQZw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:34:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F3C1 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7pRiNeDNOjqYOnieJSkhbJgnJ7ECwbiLm4Z7rOIW6kIHy0JBvwAQ7inKNqgmdE7IUeIReH62liNrZBE1PjsOr9tWJ9swYOppYlGg9Hm6pPC7ieza3DH-uqyUewJEI43__UnotkQ&sai=AMfl-YQ_laovaMooyhKY7ArT5Oa09mUA5JvcT-ojGsnQhOEGcIZxm6RLY3k2jekDHKSBq0bYNBgd6nSRFVg2&sig=Cg0ArKJSzPjEmqAEdUGCEAE&cid=CAQSGwDUE5ymd0zyFRBe59FQOZYmlTvcp_6fhr8c9hgB&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678156497035&rpt=720&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA16 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgmbeuNrRI-eML-GPlKVC3LhFUF8t7mplK-kNine76-a9WtaNlRx7cI8FFN13RrOydUYLxXajy2-o1ShnpKtHkfnd7frOheDWHb0FmMLZJA9zIQvNesTcRRkay5aYMBIAJRVNnGQ&sai=AMfl-YTTxyb5hfpQuKuRD3Rs13xzieynnkNei8vR_GX6J980OJYsnJBj8bmggSwoYB4O4Loiwt6nhDV4_10I&sig=Cg0ArKJSzBqkQNSg17d_EAE&cid=CAQSGwDUE5ymd0zyFRBe59FQOZYmlTvcp_6fhr8c9hgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=576,1000,1000,1000,1000&tos=576,424,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678156497038&rpt=834&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame FD16 16 B
232 B 73ms
72ms Fetch
application/json 18.133.166.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.166.146 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-166-146.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Mar 2023 02:34:59 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 80ms
21ms Preflight 18.133.166.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.166.146 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-166-146.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 07 Mar 2023 02:34:59 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230302&jk=125920033919632&bg=!qKulq__NAAbv3-2Ez987ADkAdvg8WlbYdqKgLNw9MlcTIRc7Rzme1AmtHCPbJWTuL3wadsr7RJsf_A6IeLw2Bu1-1RwM7vu9amgCAAAAeVIAAAACaAEHCgApQxrjCopGM3NOWlnYDgXIifpdaPCrYOPUzVtQQpMCzQMFAmWbQdawQWOZArdS9uAaX2NH22LalwewhAR1zzgLbllIP8lnZv0TAlSB4TUbRH3CEua8tEgdcxVD7cTc_ipxhm4qnH03m7X3S0ESYooB8mhe7uvh2xuIsP1kRfke63zUBqqQaAhwNB1dgIs2Qum4dJZTcH6ropqs92aROw0NTeFXHnORnMnR8Wd7WspfPHmlHpYrgc3-tPUS7_ucH13qiqwPjxrjKwPdsxBxpKnsYlbbzm2zzOb2CMuUOcYChDZ2gef_2DDHksnMGORywu5tt9mJ708Y87Ew1GXwuf6hoHjDwvXIW4dLbMMbFKm-rMkwIcPtxwd7e8zaRC5MtVSykBTgClYJmvc433fnbxWnXsPr6S6tEXRQvVj5goSrqRhEESu2U0GQX2XulxsUkFuMxh2lyReXu071UITmtUK94-wsxddtPLDiQo6n4JFx5xg1DeaRqsplmHqdDqtGNbU2Bs9umzLiYrMouxO4Ame9-1IPdWP4hBE2PI00XNbWoOffAWyJTPT0YsDis0MWmbqelcLSgxMIVroT2EHpzptYnelEf7WzSDcC5iSLNec342N_EkIe5JRG2EmFtBkL8CvuE4c7wErpqMofSPaBfr4i1pTEoVM1kSvhWK6PdNTYvxxbAvcMwdN3i80PQAjMcVDr2iXgSJbBg0Qilf-Y0asfWARG1apOVhsqQbr8t5oRwTiKo2XzcXpAfS5oc8NRR3KhLWH4QPRDt6XXK8C06TKOyJE7W3OtfqSpIvnII6hr_Skl5uUwN5GIggPjN2sVcml_H_a7JVfayashQz66bczjQV7H3Cwhpqn8uKlQHK354KoYOlWf2zrlBgLNEtkQ1VxJBx2427a0DK7fvgbYY7Y2AFShKHtSqSoevD8jJ3w01IiKH_5-GWKUVqrNtzJKnQB9WkBLSWo8hOsJa2hT_W-GUo6hpQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD16 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1728077627811&version=m202301230201&ct=77&x=1&cor=497959030664232500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 02:34:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 May-rua-xe-yp-800x500-1.jpg
yenphat.com/wp-content/uploads/2023/02/ 260 KB
261 KB 237ms
236ms Image
image/jpeg 103.75.185.69
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yenphat.com/wp-content/uploads/2023/02/May-rua-xe-yp-800x500-1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.75.185.69 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c654fd9e97688caa2159050f52faa32ce5f189cd43c16f819b38d7621855d4d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mayvesinhmienbac.com.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:35:03 GMT
last-modified: Thu, 09 Feb 2023 07:56:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: max-age=2629000, public
accept-ranges: bytes
content-length: 266749
expires: Tue, 14 Mar 2023 02:35:03 GMT

POST
H2 200 / Show response
mayvesinhmienbac.com.vn/track-banner/ 44 B
109 B 1211ms
1211ms XHR
text/html 103.21.150.185
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mayvesinhmienbac.com.vn/track-banner/
Requested by: Host: yenphat.com
URL: https://yenphat.com/scripts/banner.min.js?ver=1881123480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.21.150.185 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.3.30
Resource Hash: 0f60813cdd896b9884f24f039bc342a7c1e7a3ef43c92714c573fe84dd5f82ed

Request headers

Referer: https://mayvesinhmienbac.com.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 07 Mar 2023 02:35:04 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.30
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
x-litespeed-tag: 26c_HTTP.200
link: <https://mayvesinhmienbac.com.vn/wp-json/>; rel="https://api.w.org/"
content-length: 44
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mayvesinhmienbac.com.vn/	1970-01-20 19:45:16	Name: _ga Value: GA1.3.690880222.1678156496
.mayvesinhmienbac.com.vn/	1970-01-20 10:10:42	Name: _gid Value: GA1.3.279984574.1678156496
.mayvesinhmienbac.com.vn/	1970-01-20 10:09:16	Name: _gat_gtag_UA_219747095_1 Value: 1
.mayvesinhmienbac.com.vn/	1970-01-20 10:09:16	Name: _gat_gtag_UA_250290217_1 Value: 1
.mayvesinhmienbac.com.vn/	1970-01-20 19:30:52	Name: __gads Value: ID=fe790d84a82624dc-225380ba45dd0009:T=1678156496:RT=1678156496:S=ALNI_MYx9cJEFrpcHP2JFSWiGsQLh5RFew
.mayvesinhmienbac.com.vn/	1970-01-20 19:30:52	Name: __gpi Value: UID=00000bc125e457ae:T=1678156496:RT=1678156496:S=ALNI_MbU7wwOajFGrbg09wqoPXv7VrdpYA
.doubleclick.net/	1970-01-20 19:30:52	Name: IDE Value: AHWqTUlz3_qujkbBpgQwE7OkBE--HPxHft3WPCN7NUEYYTC-qPiAOWCslmB79MimBwE
.doubleclick.net/	1970-01-20 10:09:20	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 12:18:52	Name: uuid2 Value: 7475812796987567318
.casalemedia.com/	1970-01-20 18:54:52	Name: CMID Value: ZAai0ekePU2q5OLn.4nLzQAA
.casalemedia.com/	1970-01-20 12:18:52	Name: CMPS Value: 2226
.casalemedia.com/	1970-01-20 12:18:52	Name: CMPRO Value: 2226
.adnxs.com/	1970-01-20 12:18:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUeLl>aV!@wnfH8K6pQK`!5=E<L5?%LWkNTK6jD0yf6'C/t/[7756WhiJA8e+hAY[p0bpRzqF1`b^Gm)sC<f
.redintelligence.net/	1970-01-20 12:18:52	Name: 8lcfmzhxc8d6_uid Value: e5bc4af7b882b43b
.3lift.com/	1970-01-20 12:18:52	Name: tluid Value: 3503900083434448416994
.office-partner.de/	1970-01-20 19:45:16	Name: source Value: {"webgains_webgains":{"timestamp":1678156498445,"clickCookie":false}}
.bidswitch.net/	1970-01-20 18:54:52	Name: tuuid Value: 3f37323a-14e5-4605-a141-bc09f7f3f767
.bidswitch.net/	1970-01-20 18:54:52	Name: c Value: 1678156498
.bidswitch.net/	1970-01-20 18:54:52	Name: tuuid_lu Value: 1678156498
.bidswitch.net/	1970-01-20 10:09:16	Name: google_push Value: Aa02lx-2Y_GSg_RjZhiGqRRuozTwEJs9e9nPedeBNlotZy97EPK9XV5Y8JlpYplwUoqB8OMBO0NENz8FTKxafE6rjfCrfanPv9T8z8s
.tribalfusion.com/	1970-01-20 12:18:52	Name: ANON_ID Value: aenseFu4YUdmqcn63g8PLdKDFeIgfHZc0cuvs3lRrnJD0aanZcL9vVDhUiLKLtgZcpVJfSDbdQFgZbQdYMvcUd7N

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-2805726716437986&fa=4&ifi=10&uci=a!a&btvi=5&xpc=ZhV7s68rKB&p=https%3A//mayvesinhmienbac.com.vn Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-2805726716437986&fa=1&ifi=11&uci=a!b&btvi=6&xpc=O6FJy7Kio6&p=https%3A//mayvesinhmienbac.com.vn Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.tribalfusion.com
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.track.production.webgains.team
cm.g.doubleclick.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900012.redintelligence.net
ib.adnxs.com
mayvesinhmienbac.com.vn
pagead2.googlesyndication.com
partner.googleadservices.com
s.tribalfusion.com
secure.adnxs.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
yenphat.com
103.21.150.185
103.75.185.69
138.201.84.244
142.250.186.70
18.133.166.146
18.66.147.41
185.80.39.216
185.86.139.102
185.89.210.20
185.89.211.84
2001:4860:4802:34::178
216.58.212.130
2606:4700::6812:19ad
2a00:1450:4001:806::2003
2a00:1450:4001:811::2006
2a00:1450:4001:812::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:400d:802::2003
2a00:1450:400d:80d::2002
2a02:fa8:8806:20::2010
2a0b:4d07:102::1
3.65.209.188
35.177.30.54
76.223.111.18
94.130.102.164
99.86.4.36
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0b252e9ad8307e40e5f114519473798912f65a90a3c49b6b97b0b14f0344cf4c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0f34a4412d5960aaf78e132d290e404cb8fb25ed68d8c0032a7ea124809545b0
0f60813cdd896b9884f24f039bc342a7c1e7a3ef43c92714c573fe84dd5f82ed
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
157c18d0e0458d3ba10cdbb997c27916ac7df1e43a00eb0b8331486321aac650
164db9f4ee245a9eba4e76b41e1a569f09265d90caa5d4dcc0048be833743c0c
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
205ca3af2fc80977150617e07a3a7013b51381fcfbeef969f8dcf179c73a7309
22dbf3b0efbd1a2d48320a266e28230ef15cbd47de5f1542d13905b804bf9275
23c5d53f3aa35aad91313e93637a8b29cf28ca2b9dd4b02182483e82bf0ffa6c
2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2
26d3bbbb283ce5b0940bd4810becf70d1a151d7fa468917be5b7334f965497d4
2b72f3158b65b59ab4c59f149997de83f2e3426aa77c04b3b6331d3f4c1057e3
2c105937611bf2ae0440dd62ed1e2a8a2a5f43584899cfa89b444c1ac32f3caf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b0ec13f05fd6f5ae3b96abab80693f17a2d1c360ec4edd7ac3975db6becf1b
32519148ba54a668fdf17ad03181d18ef87aeacc1c6b1e9fcfff227634f5311c
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
36f9dc40578c04de097cd3ef212dfadbc26ec2feed2f88b20964ad75ed9dc872
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3aa87688779f05f672cc70204a5302e9008ce10eeb012c9bba17afa2b9626463
3cce85ee52825effa5cdf1a943a527902fb43430bc7a46ae562e304aaf0ccc74
40f0cea3336f5fe215b0d98439e20a016aa1950cd0693106a5e24d73e90384a6
41602fa529d206badcb52fcbcf073e056595f8488cd01f5ca0cde50dc8b6084e
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
42bf036bd50a9c8c48c7c7be3f0dd80d471351efd0433dee1e0e504317320c4a
42d4544887da4fcbb609fabff16ae607a733277a23976ae76ed1f22374ed345d
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
43e2af1dc755343b261295b69c2080688ae4ad9d7f96601498e64a65cd29a2dd
45b998ebd0118e7d0c25c17bd16cbd3406c95695095074d5c5d26e30983222e1
48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fd2a7e5544cb7c9ced99dfc654164396a734baf07940de596a73dbb8c0ebe5
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
59095fb8a570b06f177ea040f7ba9e97a74b893bae4c69e485b6347a2f3843c8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a7649552ffdc896260289ddaea4dd89c30d59575f4caae0b222ef942811f34e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d28d21087462a24f07e540b28366958d068f99b52ce995eafad0c7e8cc2c55c
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e9244034aa1a19ac32a5b49ecef346a0554ae76eca726226ab5ce6644676e9
63c8cad4aea56abaa379c78ebfe344922a931ca8a6f7fc42174302023b47596b
689a97639bd9ebfaad3542753b24340111c7ff14a9bc03db98208e8f0cedd629
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0ae065be1a08f4dc8db440c64d785bc94f5d4e3d4ae23019b38f92c297e40a
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
6f6840fc8c8bfb0b577762ec2022cff337644ac9aab2a4cd0aede1e4c0186c3d
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7ad1b1b7a6f9577b60cb8e660d33d7477a797762ae1f5195ec31ce46df96eb3f
7cadc59c593a6367cdf0c70f384844884b4423ff45f02f515e03e589d66f90c0
7d2b202e7f1a9355e3bbda5cbaa1d3dcb2c842ae9463e64692c69a33858a879a
7eddeff7a157e6dd0fef737ca332d3bdc613541be3e7d73843dc4ed8c87ea87d
849d62eb57f223b0b89a504b9b90f386fe90ae86f9c0c7e70975365c522ac3bf
85adddf8b04a947f000872c064145ddd13125e63a024e720664bf184a7144ce9
8753ba6b95fcf0ef441175e6a85f93d7debb004e2a8a7068047284ffde2021d2
91f760eaddf26760ea85352cbdbdf23ec4b925f3543d4c3738110e427ea03cfc
96e0d1e6e522cdfb78b12a697adc3425e56f94d7bde55dd62c43ac23b0caf972
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b98d21d7e5e8f24c98e313e3eef8e29e97611019d9d1a53cf52e5fd3f5c95ed
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a8925736a6d04e3a3659bdadfbd2c5f9f8bcac0fc1d03237488dd92b9c511a
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b1351e9c32cca2207b3d3d41457349ce514ca9d6eafc626c0b291c596dbb0b89
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
b3a99394d944c149e02b4fa0b65d562f559fb0c158933b831513a48315fec1c5
b7dcf3670292ce9bf2bdddcb790a215580b1ce620e52b22c325d342708ade4e6
b967fae86c5b5ce1ba7c560983e97353f23e3d196c45b1782a175a9029276f52
bc501f0d6eb72a8bba9836e0c49735c0e9c369a49456d33b1fc9ef91c6841924
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcc4f890992ae9f7d37371fc3bd8838e05143bbd0db454e81f56249819750a20
bd64bc7bfe94a1ac43581bc1cae95116f632b9acd2a679365c39ab88d0f34373
c0b4165e30b8421804de045a05492167d10fb1a96a5349ade4cb9642c4d87aee
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c268ad839371ae6f0f02e145201effeb74c011cd89a3ad01383e216280859882
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c48e4e0604f5e04049d0b9f6a8b63d31b607f1abc2c7e08a5c0a1f725ae4dd55
c654fd9e97688caa2159050f52faa32ce5f189cd43c16f819b38d7621855d4d8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c961c13ec5b0b257ee7049bdeb1078def025e3ee6c02ca609b6a45e2ca48056f
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cac19c5c2f3762a4c1bb92df66ea7542882ffb16a7ccf3020383dba6ebb3fe88
cc1ab02e733ad8277b5dee7d996615082cd4606fe96d8b148c944f4d2f0e4952
cd3ebef39995f80cb719e8d6c3687476caef99a7278e17415125d0a5ef581e80
ce6b49ca9fc6bce7548c2f246f67d66f98722c0c626c2256a40473c79f817c1a
d577e2c118ad3e54b702d887724897cbccdcb9f0db279f0c94ba1e87d1c58007
d74d6d7e30ddcf084adc7687a2b1c97ef0da4213ca2a4aefaba8cafacccdf517
db38d633fae5c82407b891da923a4a0a657fd7bcf2798f15c55b82977aeef864
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e16a4fd4512799598b1e54d8acac4e04c1d409fdac1b503f0428dfc1581feb5d
e1e55fc2a7602837530109b0aa0d6a800ddde5a71e1af15b24e21dea5159f726
e241cfe6c348347220744675648b624fb58271c3821dc2e41c3aebe51f028b80
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e389b33bf1795738dc06fbb84540209a7dfc3d070e89ccc1826572e41bead36b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e67dcd83066d9689fee5822bdbba52ea96d309d76e5c6c3904fdef2e53b85840
e874ef521ef10a4cd837745d63bfb9a23515aa4b24fa330711badaa06a0469e3
eeecc06a84d03749f59ae5281c9377d23a5b9d636ae11ef13ef5cd864b2a6bf8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f41fbe6e7af5d6559e63dc7bb6f8e98093a9bb67ce29e200d9c2508d66041b12
f4e5c3c7e99b29b42d5602f64cc62801a3ee8ef9b7a59c3ae8941fe0fb5aefa9
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f873e2fd2ba9e7dc59eafd821c68fded22acc1938dd542f263cbf95757a081c2
f95fd1f9ba6dcea7a09ab9aba0d129a9b952017a5f381aee91480a0bdfc93893
f96e6ccf4a8d156fea525f514439cfed7d67226f712d49e2e0e6c08673086543

mayvesinhmienbac.com.vn Open in urlscan Pro 103.21.150.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

207 Requests

95 %HTTPS

50 %IPv6

24 Domains

35 Subdomains

30 IPs

9 Countries

3571 kBTransfer

7544 kBSize

21 Cookies

3 Outgoing links

Page URL History

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mayvesinhmienbac.com.vn Open in urlscan Pro
103.21.150.185 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

95 %
HTTPS

50 %
IPv6

24
Domains

35
Subdomains

30
IPs

9
Countries

3571 kB
Transfer

7544 kB
Size

21
Cookies

207 HTTP transactions
20 data transactions