kytuten.lat Open in urlscan Pro
157.10.52.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kytuten.lat/
Submission: On February 17 via api (February 17th 2024, 2:50:23 pm UTC) from US — Scanned from US

Summary HTTP 68 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 20 domains to perform 68 HTTP transactions. The main IP is 157.10.52.121, located in Viet Nam and belongs to SUCCESS-VN DIGI SUCCESS SERVICE COMPANY LIMITED, VN. The main domain is kytuten.lat.
TLS certificate: Issued by R3 on February 17th 2024. Valid for: 3 months.

This is the only time kytuten.lat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	157.10.52.121 157.10.52.121	151893 (SUCCESS-V...) (SUCCESS-VN DIGI SUCCESS SERVICE COMPANY LIMITED)
6	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
1 6	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 _) (CDN77 _)
1	2606:4700:303... 2606:4700:3036::ac43:d5b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:a199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3034::6815:4aa7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1 2	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 7	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
2 2	23.76.43.24 23.76.43.24	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2606:ae80:147... 2606:ae80:1471:1c::2010	25751 (VALUECLICK) (VALUECLICK)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1 1	18.215.133.183 18.215.133.183	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a02:6b8::90 2a02:6b8::90	208398 (TELETECH) (TELETECH)
1 1	2a02:6b8:a::a 2a02:6b8:a::a	208398 (TELETECH) (TELETECH)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
1 6	2607:f8b0:400... 2607:f8b0:4006:80d::200e	() ()
1	2607:f8b0:400... 2607:f8b0:4006:824::200e	() ()
2	2607:f8b0:402... 2607:f8b0:4023:1407::54	() ()
1	2607:f8b0:400... 2607:f8b0:4006:80d::2003	() ()
68	24

3 157.10.52.121 (Viet Nam)

ASN151893 (SUCCESS-VN DIGI SUCCESS SERVICE COMPANY LIMITED, VN)

kytuten.lat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:807::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:d5b5 (United States)

ASN13335 (CLOUDFLARENET, US)

api.uxsoft.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:a199 (United States)

ASN13335 (CLOUDFLARENET, US)

link4m.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:4aa7 (United States)

ASN13335 (CLOUDFLARENET, US)

api.topkiemtien365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.80.2 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.76.43.24 (Lithia Springs, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-43-24.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1471:1c::2010 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.133.183 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-133-183.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Russian Federation) 1 redirects

ASN208398 (TELETECH, RS)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Russian Federation) 1 redirects

ASN208398 (TELETECH, RS)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80d::200e (None, ) 1 redirects

ASN- ()

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200e (None, )

ASN- ()

developers.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:1407::54 (None, )

ASN- ()

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2003 (None, )

ASN- ()

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	352 KB
13	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 278	54 KB
12	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 apis.google.com developers.google.com accounts.google.com	150 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	494 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 6185 yandex.ru — Cisco Umbrella Rank: 1792	3 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com ssl.gstatic.com	55 KB
3	kytuten.lat kytuten.lat	107 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3850	891 B
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 2106	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1011 r.turn.com — Cisco Umbrella Rank: 4758	869 B
2	topkiemtien365.com api.topkiemtien365.com	423 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1794	645 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 14817	641 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7144	553 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	2 KB
1	link4m.co link4m.co	644 B
1	uxsoft.co api.uxsoft.co	13 KB
1	dmca.com images.dmca.com — Cisco Umbrella Rank: 16815	3 KB
68	20

	Domain	Requested by
9	pagead2.googlesyndication.com	kytuten.lat pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	apis.google.com	1 redirects kytuten.lat apis.google.com accounts.google.com
6	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com kytuten.lat pagead2.googlesyndication.com
6	www.googletagmanager.com	kytuten.lat www.googletagmanager.com www.google-analytics.com
3	www.google.com	kytuten.lat googleads.g.doubleclick.net tpc.googlesyndication.com
3	kytuten.lat	kytuten.lat
2	accounts.google.com	apis.google.com kytuten.lat
2	www.googleadservices.com
2	an.yandex.ru	1 redirects
2	dclk-match.dotomi.com	2 redirects
2	px.owneriq.net	2 redirects
2	api.topkiemtien365.com	api.uxsoft.co
1	ssl.gstatic.com	accounts.google.com
1	developers.google.com	apis.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	yandex.ru	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	link4m.co	kytuten.lat
1	api.uxsoft.co	kytuten.lat
1	images.dmca.com	kytuten.lat
68	29

This site contains links to these domains. Also see Links.

Domain
daohan.id.vn
www.facebook.com
kituvui.com
nick-finder.com
bangchucai.net
www.dmca.com

Subject Issuer	Validity	Valid
kytuten.lat R3	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
images.dmca.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
uxsoft.co GTS CA 1P5	`2023-12-21` - `2024-03-20`	3 months	crt.sh
link4m.co E1	`2024-02-15` - `2024-05-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
topkiemtien365.com GTS CA 1P5	`2023-12-20` - `2024-03-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2023-10-03` - `2024-11-03`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://kytuten.lat/
Frame ID: A12EAFD09B1109E11DC148D20652FADA
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6371747430394119&output=html&h=280&adk=597077865&adf=2107787813&pi=t.aa~a.3539804474~i.59~rp.4&w=1064&fwrn=4&fwrnh=100&lmt=1695718258&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5692994415&ad_type=text_image&format=1064x280&url=https%3A%2F%2Fkituhay.com%2F&fwr=0&pra=3&rh=200&rw=1064&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJtYWNPUyIsIjEzLjQuMSIsImFybSIsIiIsIjExNi4wLjU4NDUuMTEwIixbXSwwLG51bGwsIjY0IixbWyJDaHJvbWl1bSIsIjExNi4wLjU4NDUuMTEwIl0sWyJOb3QpQTtCcmFuZCIsIjI0LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTE2LjAuNTg0NS4xMTAiXV0sMF0.&dt=1695718256749&bpp=1&bdt=27272&idt=1&shv=r20230921&mjsv=m202309200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcac7db3e4b6d6cc2-2293d1e012e40090%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_Mb-0XYffp8EzN4WmVa44ZqwGfqZ0Q&gpic=UID%3D00000c540c8065e0%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_MZmO48cOLLdciurhpR2jxCfQ8VNgw&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1005x124%2C160x600%2C160x600&nras=8&correlator=3324705656305&frm=20&pv=1&ga_vid=1347674656.1695663648&ga_sid=1695718255&ga_hid=853907374&ga_fc=1&ga_cid=1240762041.1695663651&u_tz=420&u_his=1&u_h=1080&u_w=1920&u_ah=1003&u_aw=1920&u_cd=24&u_sd=1&dmc=8&adx=428&ady=4524&biw=1920&bih=918&scr_x=0&scr_y=865&eid=44759876%2C44759927%2C44759837%2C31078144%2C44801485%2C31078087%2C44803794%2C31067146%2C31067147%2C31067148%2C31068556&oid=2&psts=AOrYGsnGjiRof0MiMxN-j93Fi8MlMRELio_KwSh15kwmk88DHKPWuSuRnkTEOvKtCYExdLw-8n6Zpz7Wg9LMvOxft5mkojq8Gq7huieCMbFai3XDnOw%2CAOrYGslM5oTdB-q34kejFDh64KGSILCEh94FclOcwbAS9L9uxzcocn-Rd-Dw7PU-KUr1QHt-pXhhj-lMp-CCemB20B-Ma4RoSMO43gopYb72olODEVk%2CAOrYGskHyNi-tCSKnLFqY7J56qlx6Eu4KBxiRPGxvPjGIwhBFjgjmjlQ5tZLaSDxLvLHli3Vuc3pltA6EXSf3F_3euZz_E5z3MSjKnBY-BttJy9LyjY&pvsid=2783241629920588&tmod=371231924&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1408&brdim=0%2C25%2C0%2C25%2C1920%2C25%2C1920%2C1003%2C1920%2C918&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&td=1&nt=1&ifi=6&uci=a!6&btvi=7&fsb=1&xpc=ESxQwiUVUq&p=https%3A//kituhay.com&dtd=1559
Frame ID: 04DDA28A614F8C960BAA0DBEDE80714B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6371747430394119&output=html&h=280&adk=597077865&adf=1411505461&pi=t.aa~a.3539804474~i.61~rp.4&w=1064&fwrn=4&fwrnh=100&lmt=1695718258&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5692994415&ad_type=text_image&format=1064x280&url=https%3A%2F%2Fkituhay.com%2F&fwr=0&pra=3&rh=200&rw=1064&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJtYWNPUyIsIjEzLjQuMSIsImFybSIsIiIsIjExNi4wLjU4NDUuMTEwIixbXSwwLG51bGwsIjY0IixbWyJDaHJvbWl1bSIsIjExNi4wLjU4NDUuMTEwIl0sWyJOb3QpQTtCcmFuZCIsIjI0LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTE2LjAuNTg0NS4xMTAiXV0sMF0.&dt=1695718256752&bpp=1&bdt=27274&idt=0&shv=r20230921&mjsv=m202309200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcac7db3e4b6d6cc2-2293d1e012e40090%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_Mb-0XYffp8EzN4WmVa44ZqwGfqZ0Q&gpic=UID%3D00000c540c8065e0%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_MZmO48cOLLdciurhpR2jxCfQ8VNgw&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1005x124%2C160x600%2C160x600%2C1064x280&nras=9&correlator=3324705656305&frm=20&pv=1&ga_vid=1347674656.1695663648&ga_sid=1695718255&ga_hid=853907374&ga_fc=1&ga_cid=1240762041.1695663651&u_tz=420&u_his=1&u_h=1080&u_w=1920&u_ah=1003&u_aw=1920&u_cd=24&u_sd=1&dmc=8&adx=428&ady=4842&biw=1920&bih=918&scr_x=0&scr_y=1195&eid=44759876%2C44759927%2C44759837%2C31078144%2C44801485%2C31078087%2C44803794%2C31067146%2C31067147%2C31067148%2C31068556&oid=2&psts=AOrYGsnGjiRof0MiMxN-j93Fi8MlMRELio_KwSh15kwmk88DHKPWuSuRnkTEOvKtCYExdLw-8n6Zpz7Wg9LMvOxft5mkojq8Gq7huieCMbFai3XDnOw%2CAOrYGslM5oTdB-q34kejFDh64KGSILCEh94FclOcwbAS9L9uxzcocn-Rd-Dw7PU-KUr1QHt-pXhhj-lMp-CCemB20B-Ma4RoSMO43gopYb72olODEVk%2CAOrYGskHyNi-tCSKnLFqY7J56qlx6Eu4KBxiRPGxvPjGIwhBFjgjmjlQ5tZLaSDxLvLHli3Vuc3pltA6EXSf3F_3euZz_E5z3MSjKnBY-BttJy9LyjY&pvsid=2783241629920588&tmod=371231924&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1408&brdim=0%2C25%2C0%2C25%2C1920%2C25%2C1920%2C1003%2C1920%2C918&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&td=1&nt=1&ifi=7&uci=a!7&btvi=8&fsb=1&xpc=FQEwaTJV4u&p=https%3A//kituhay.com&dtd=1697
Frame ID: AEE447BD3A406A355F67AED191B5713E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 11203AFCEECD2A5D2119E1E14F5C6881
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6965367340179025&output=html&adk=1812271804&adf=3025194257&lmt=1708181413&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fkytuten.lat%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708181413228&bpp=6&bdt=590&idt=306&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6281104303615&frm=20&pv=2&ga_vid=618348578.1708181413&ga_sid=1708181414&ga_hid=714405041&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081221%2C95324581%2C95325067%2C31081219%2C95323760%2C95321868%2C95324155%2C95324161%2C95324432&oid=2&pvsid=2329858488972596&tmod=1296542557&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=365
Frame ID: CE523F606C730C72B635530CC7AB8141
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A6C4AE8FAED7051E55F89A0BCCD3BEF5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js
Frame ID: 4A202C92E5F2E37CC8C9599A72DF4C5F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C51F24F25F7B1FE37F7CFB858E3271D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EBA8783B854AA394B8004025E8817B8A
Requests: 2 HTTP requests in this frame

Frame: https://developers.google.com/
Frame ID: 012DDD322DE2D417A17AFA6342FDF959
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkytuten.lat&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
Frame ID: DCDE571CD848588D13F2B2B64DFD3FFE
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kí Tự Đặc Biệt Đẹp ❤️ Tạo Tên Game Hay Độc Nhất Số 1️⃣ VN

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

68
Requests

90 %
HTTPS

75 %
IPv6

20
Domains

29
Subdomains

24
IPs

4
Countries

1252 kB
Transfer

3614 kB
Size

22
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://daohan.id.vn/tao-chu-ky.html
Title: Tạo chữ ký

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://kytuten.lat/
Title: Chia sẻ

Search URL Search Domain Scan URL

URL: https://kituvui.com/page/gioi-thieu-n38.html
Title: Introduce

Search URL Search Domain Scan URL

URL: https://kituvui.com/page/chinh-sach-n39.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://nick-finder.com/lien-he.html
Title: Contact

Search URL Search Domain Scan URL

URL: https://bangchucai.net/
Title: Bảng chữ cái tiếng việt

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=2b3d40ec-9e40-4f11-98bb-6fa4b8bc40fd

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM09KsaQhnP4mjy1uqZgT7I&google_cver=1&google_push=AXcoOmSf656fv5cFdN1WGAFUCG4zNnk27vNGWytMkuRDrYT1UeOthgdHpbeXgOucPWMquK-YvWrPNXPVo7pbkJc5FzYoXn2OoA86FC0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA0NjA2NzYyNDMzMTM0NzI0Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM09KsaQhnP4mjy1uqZgT7I&google_cver=1

Request Chain 42

https://px.owneriq.net/ecmg?google_gid=CAESEI-GrTQ3w6LMDZjettXyrWg&google_cver=1&google_push=AXcoOmTqgjtbKaDo1Ap0wuDH1Kc1tvhhoNmEysEWyE-GIojDi3mU51i4kpAknvKnu9Zb85r4MpVHm_QT0Sa8XZzC5cEQ1t4oh6sE9OE HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmTqgjtbKaDo1Ap0wuDH1Kc1tvhhoNmEysEWyE-GIojDi3mU51i4kpAknvKnu9Zb85r4MpVHm_QT0Sa8XZzC5cEQ1t4oh6sE9OE%26google_cver%3d1%26google_gid%3dCAESEI-GrTQ3w6LMDZjettXyrWg%26google_hm%3dUTc2MTQ2NzgxMzEzNjcwOTk5Mjg%3d&uid=Q7614678131367099928&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTqgjtbKaDo1Ap0wuDH1Kc1tvhhoNmEysEWyE-GIojDi3mU51i4kpAknvKnu9Zb85r4MpVHm_QT0Sa8XZzC5cEQ1t4oh6sE9OE&google_cver=1&google_gid=CAESEI-GrTQ3w6LMDZjettXyrWg&google_hm=UTc2MTQ2NzgxMzEzNjcwOTk5Mjg=

Request Chain 43

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIHeypRZ0JqVBicq1Auv93w&google_cver=1&google_push=AXcoOmRPuqbMrfD5FdBTSoQudQc6q9a12u2535XiFhVAWErbqGFULigqff_iZuHfQkAVJhesKqzE2LFcsKd38LU_rEU0AySxJ-VTuIw HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=535ccc796aa6050e&is_secure=true&networkId=14000&version=1&google_gid=CAESEIHeypRZ0JqVBicq1Auv93w&google_cver=1&google_push=AXcoOmRPuqbMrfD5FdBTSoQudQc6q9a12u2535XiFhVAWErbqGFULigqff_iZuHfQkAVJhesKqzE2LFcsKd38LU_rEU0AySxJ-VTuIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACLLyXVZsLjwNHU8U1AAAAAAA&expiration=1708267813&google_cver=1&is_secure=true&google_gid=CAESEIHeypRZ0JqVBicq1Auv93w&google_push=AXcoOmRPuqbMrfD5FdBTSoQudQc6q9a12u2535XiFhVAWErbqGFULigqff_iZuHfQkAVJhesKqzE2LFcsKd38LU_rEU0AySxJ-VTuIw

Request Chain 44

https://ads.travelaudience.com/google_pixel?google_gid=CAESECotkgNaMBqzaXnashHKXiE&google_cver=1&google_push=AXcoOmSTwq0A_slKzLmvy40c-Uqu7tu2hzJ1omSrcSgM6IuLr3Bh4xJ6vZ2GLsV4SPv5htaDWuAoRcMvWt03EvOVRm5IMIbdl-0LOM4 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HsH2sakfSM8Us2qQhHsjfg&google_push=AXcoOmSTwq0A_slKzLmvy40c-Uqu7tu2hzJ1omSrcSgM6IuLr3Bh4xJ6vZ2GLsV4SPv5htaDWuAoRcMvWt03EvOVRm5IMIbdl-0LOM4

Request Chain 46

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEM69-IdROAxxXb1N2lGlzbU&google_cver=1&google_push=AXcoOmR_YVOYjHXsS1GwwIRTAgEBDjwCM7TVgGezXtJAx44ddndfUO89MQ8wNrGFNNnFzu2udby2t9M7iznAiwGEW8soD7gjeiBU-FY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=fEywqSz8sEuNLy1oCq5YSw&google_push=AXcoOmR_YVOYjHXsS1GwwIRTAgEBDjwCM7TVgGezXtJAx44ddndfUO89MQ8wNrGFNNnFzu2udby2t9M7iznAiwGEW8soD7gjeiBU-FY

Request Chain 47

https://an.yandex.ru/mapuid/google/CAESEAnUPrPFc7z7Lpk-TQDDR9g?ext-param=AXcoOmRHRbXnR1-S6-m42FZ2MJo9MQNeh8m3W0-hZ5lctJsTxzc--kJPdJiD6TTp7j74GHQ0KKbjoHAtdsO6WACxZzHHYTdt3cDNVmw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://yandex.ru/an/mapuid/google/CAESEAnUPrPFc7z7Lpk-TQDDR9g?redir-setuniq=1&ext-param=AXcoOmRHRbXnR1-S6-m42FZ2MJo9MQNeh8m3W0-hZ5lctJsTxzc--kJPdJiD6TTp7j74GHQ0KKbjoHAtdsO6WACxZzHHYTdt3cDNVmw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAnUPrPFc7z7Lpk-TQDDR9g&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 51

https://googleads.g.doubleclick.net/pagead/adview?ai=Cpz5bpcfQZYOIBt6BoPMPrZO54ATkw-nfdfbXuOKBEtrZHhABIIvAqYMBYMnGqYvApNgPoAGRzbS-A8gBCagDAcgDywSqBMQBT9Awd7VBeyAv2JzzBCHR234TPvQg7djkkgK3cvS_rTdS33p0K9adIuhpVzQrQ3if-IxmFjAE3-m3PbqDecDWyCvnWGj7l4Y-v17vQarlAUTvdKoFqsfb5nsA-rd8hxCdyClrTES9I1OuliHHjW1Y2XoLsJiq80CHIuLeZkbmt6otf7acOwmuAex5tWeAZ_vzWMFiNOGMCvYMnf-BRbvTNF1L0lVj3UgvsnK7EIAIbDqcTAfgq2aV_LAfWIGdQ2OoTdArzcAEuc_ujL4EiAWusOHKTZIFBAgEGAGSBQQIBRgEoAYugAfXsstBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQsLwH0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WMbN29LPsoQDmgkraHR0cHM6Ly93d3cuZGlhbHBhZC5jb20vYWktbGFicy9kaWFscGFkLWdwdIAKAcgLAdoMEQoLEOD31KXD76_NugESAgED2BMK0BUBmBYBgBcBshccChoIABIUcHViLTYzNzE3NDc0MzAzOTQxMTkYAA&sigh=yrJHst0NRbE&uach_m=%5BUACH%5D&ase=2&cid=CAQSPAAvHhf_ifO7Ou-YFxHMpadoP4t44KUDSeB-LalKgoUmteqy0Tc6Lt_O_MHevGzYxxb2jglljVHYZTl_MhgB&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc11ccb2e375db32d0000000000000000%22,%222%22:%220x23a7ae99f1e234e30000000000000000%22,%223%22:%220x8895ed5a15b0d6020000000000000000%22,%224%22:%220x741951b3b27161ce0000000000000000%22,%225%22:%220x4baa5f97ee356bb30000000000000000%22},%22debug_key%22:%2218252304496363863078%22,%22debug_reporting%22:true,%22destination%22:%22https://dialpad.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22936191633%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228440657015486139169%22}&andc=true

Request Chain 67

https://apis.google.com/u/0/se/0/_/+1/sharebutton?plusShare=true&usegapi=1&action=share&annotation=bubble&origin=https%3A%2F%2Fkytuten.lat&url=https%3A%2F%2Fkytuten.lat%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__ HTTP 301
https://developers.google.com/

68 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
kytuten.lat/ 293 KB
42 KB 2794ms
2240ms Document
text/html 157.10.52.121
SUCCESS-VN DIGI S...

General

Check archive.org

Show headers Download Go to

Full URL: https://kytuten.lat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.10.52.121 , Viet Nam, ASN151893 (SUCCESS-VN DIGI SUCCESS SERVICE COMPANY LIMITED, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c24d9761622eca2a012a72722492f5a03adddbacc5efc74b10bac77093033b4a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 14:50:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
86 KB 52ms
28ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K65ZB0PB98

Requested by

Host: kytuten.lat
URL: https://kytuten.lat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

967c09a0617bd356a7729c14942414ed68c70ba90516d1c4970b417ac0a9f176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88091
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 14:50:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
68 KB 50ms
27ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K78SV65

Requested by

Host: kytuten.lat
URL: https://kytuten.lat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d61456cd5b10db0695a20a25d575cafd3a426e1ddd8196300e0d6d30bec27cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69384
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Feb 2024 14:50:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
86 KB 77ms
54ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WWD2Q2G3YW

Requested by

Host: kytuten.lat
URL: https://kytuten.lat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

224d3653180187869549492cc115e50089b40cb0a2f6ac79d4cc14e83612f250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 14:50:12 GMT

GET
H2 200 kytuvui_1685552109.png
kytuten.lat/images/config/ 17 KB
17 KB 255ms
252ms Image
image/png 157.10.52.121
SUCCESS-VN DIGI S...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kytuten.lat/images/config/kytuvui_1685552109.png
Requested by: Host: kytuten.lat
URL: https://kytuten.lat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.10.52.121 , Viet Nam, ASN151893 (SUCCESS-VN DIGI SUCCESS SERVICE COMPANY LIMITED, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 458abeb71fd85cc4a455d260bc6c84199259beea8ffac264e2a689ae4645eeae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:12 GMT
last-modified: Wed, 31 May 2023 16:55:09 GMT
server: LiteSpeed
etag: "4460-64777bed-1c594a;;;"
content-type: image/png
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 17504
expires: Sun, 18 Feb 2024 02:50:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 20ms
3ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K78SV65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Feb 2024 14:06:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2609
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 17 Feb 2024 16:06:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/786542058/ 2 KB
2 KB 57ms
31ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786542058/?random=1708181412781&cv=11&fst=1708181412781&bg=ffffff&guid=ON&async=1&gtm=45He42e0v892476503za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fkytuten.lat%2F&hn=www.googleadservices.com&frm=0&tiba=K%C3%AD%20T%E1%BB%B1%20%C4%90%E1%BA%B7c%20Bi%E1%BB%87t%20%C4%90%E1%BA%B9p%20%E2%9D%A4%EF%B8%8F%20T%E1%BA%A1o%20T%C3%AAn%20Game%20Hay%20%C4%90%E1%BB%99c%20Nh%E1%BA%A5t%20S%E1%BB%91%201%EF%B8%8F%E2%83%A3%20VN&npa=0&pscdl=noapi&auid=796498863.1708181413&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K78SV65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c025d58a0d9c50fea813bba8feb95b3463822d091bc31928d11ff76772f3d313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
86 KB 36ms
35ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K65ZB0PB98&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K78SV65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90977487ab9e0cceb2904f7fe6e2366463466c46edc007738bb7edd033507ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 14:50:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
86 KB 38ms
38ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WWD2Q2G3YW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K78SV65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33a71d68dfc2ad2c6ea777dde07b3b8957e414250a9f2992f9ae6dd81ae1bf54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88054
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 14:50:12 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 18ms
17ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WWD2Q2G3YW&gtm=45je42e0v892317122za200&_p=1708181412676&gcd=13l3l3l3l1&npa=0&dma=0&cid=618348578.1708181413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708181412&sct=1&seg=0&dl=https%3A%2F%2Fkytuten.lat%2F&dt=K%C3%AD%20T%E1%BB%B1%20%C4%90%E1%BA%B7c%20Bi%E1%BB%87t%20%C4%90%E1%BA%B9p%20%E2%9D%A4%EF%B8%8F%20T%E1%BA%A1o%20T%C3%AAn%20Game%20Hay%20%C4%90%E1%BB%99c%20Nh%E1%BA%A5t%20S%E1%BB%91%201%EF%B8%8F%E2%83%A3%20VN&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3021
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WWD2Q2G3YW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kytuten.lat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 22ms
21ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-K65ZB0PB98&gtm=45je42e0v889849833za200&_p=1708181412676&gcd=13l3l3l3l1&npa=0&dma=0&cid=618348578.1708181413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708181412&sct=1&seg=0&dl=https%3A%2F%2Fkytuten.lat%2F&dt=K%C3%AD%20T%E1%BB%B1%20%C4%90%E1%BA%B7c%20Bi%E1%BB%87t%20%C4%90%E1%BA%B9p%20%E2%9D%A4%EF%B8%8F%20T%E1%BA%A1o%20T%C3%AAn%20Game%20Hay%20%C4%90%E1%BB%99c%20Nh%E1%BA%A5t%20S%E1%BB%91%201%EF%B8%8F%E2%83%A3%20VN&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3044
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K65ZB0PB98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kytuten.lat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 21ms
21ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=714405041&t=pageview&_s=1&dl=https%3A%2F%2Fkytuten.lat%2F&ul=en-us&de=UTF-8&dt=K%C3%AD%20T%E1%BB%B1%20%C4%90%E1%BA%B7c%20Bi%E1%BB%87t%20%C4%90%E1%BA%B9p%20%E2%9D%A4%EF%B8%8F%20T%E1%BA%A1o%20T%C3%AAn%20Game%20Hay%20%C4%90%E1%BB%99c%20Nh%E1%BA%A5t%20S%E1%BB%91%201%EF%B8%8F%E2%83%A3%20VN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1368722267&gjid=303943890&cid=618348578.1708181413&tid=UA-238389093-1&_gid=1493168714.1708181413&_r=1&_slc=1&gtm=45He42e0n81K78SV65v892476503za200&gcd=13l3l3l3l1&dma=0&z=1731647772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

46a94b8ad7192887f8f2fe0d4be4cb4c0ed62f74b7489ceefa94b39b4966592e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kytuten.lat/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kytuten.lat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 04DD 864 B
806 B 473ms
333ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6371747430394119&output=html&h=280&adk=597077865&adf=2107787813&pi=t.aa~a.3539804474~i.59~rp.4&w=1064&fwrn=4&fwrnh=100&lmt=1695718258&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5692994415&ad_type=text_image&format=1064x280&url=https%3A%2F%2Fkituhay.com%2F&fwr=0&pra=3&rh=200&rw=1064&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJtYWNPUyIsIjEzLjQuMSIsImFybSIsIiIsIjExNi4wLjU4NDUuMTEwIixbXSwwLG51bGwsIjY0IixbWyJDaHJvbWl1bSIsIjExNi4wLjU4NDUuMTEwIl0sWyJOb3QpQTtCcmFuZCIsIjI0LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTE2LjAuNTg0NS4xMTAiXV0sMF0.&dt=1695718256749&bpp=1&bdt=27272&idt=1&shv=r20230921&mjsv=m202309200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcac7db3e4b6d6cc2-2293d1e012e40090%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_Mb-0XYffp8EzN4WmVa44ZqwGfqZ0Q&gpic=UID%3D00000c540c8065e0%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_MZmO48cOLLdciurhpR2jxCfQ8VNgw&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1005x124%2C160x600%2C160x600&nras=8&correlator=3324705656305&frm=20&pv=1&ga_vid=1347674656.1695663648&ga_sid=1695718255&ga_hid=853907374&ga_fc=1&ga_cid=1240762041.1695663651&u_tz=420&u_his=1&u_h=1080&u_w=1920&u_ah=1003&u_aw=1920&u_cd=24&u_sd=1&dmc=8&adx=428&ady=4524&biw=1920&bih=918&scr_x=0&scr_y=865&eid=44759876%2C44759927%2C44759837%2C31078144%2C44801485%2C31078087%2C44803794%2C31067146%2C31067147%2C31067148%2C31068556&oid=2&psts=AOrYGsnGjiRof0MiMxN-j93Fi8MlMRELio_KwSh15kwmk88DHKPWuSuRnkTEOvKtCYExdLw-8n6Zpz7Wg9LMvOxft5mkojq8Gq7huieCMbFai3XDnOw%2CAOrYGslM5oTdB-q34kejFDh64KGSILCEh94FclOcwbAS9L9uxzcocn-Rd-Dw7PU-KUr1QHt-pXhhj-lMp-CCemB20B-Ma4RoSMO43gopYb72olODEVk%2CAOrYGskHyNi-tCSKnLFqY7J56qlx6Eu4KBxiRPGxvPjGIwhBFjgjmjlQ5tZLaSDxLvLHli3Vuc3pltA6EXSf3F_3euZz_E5z3MSjKnBY-BttJy9LyjY&pvsid=2783241629920588&tmod=371231924&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1408&brdim=0%2C25%2C0%2C25%2C1920%2C25%2C1920%2C1003%2C1920%2C918&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&td=1&nt=1&ifi=6&uci=a!6&btvi=7&fsb=1&xpc=ESxQwiUVUq&p=https%3A//kituhay.com&dtd=1559

Requested by

Host: kytuten.lat
URL: https://kytuten.lat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b043fbd62887397507b9e8c4ed5ae7e1d599573fb732521aa731ec2a4e55709d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kytuten.lat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 439
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 14:50:13 GMT
expires: Sat, 17 Feb 2024 14:50:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AEE4 141 KB
46 KB 625ms
487ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6371747430394119&output=html&h=280&adk=597077865&adf=1411505461&pi=t.aa~a.3539804474~i.61~rp.4&w=1064&fwrn=4&fwrnh=100&lmt=1695718258&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5692994415&ad_type=text_image&format=1064x280&url=https%3A%2F%2Fkituhay.com%2F&fwr=0&pra=3&rh=200&rw=1064&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJtYWNPUyIsIjEzLjQuMSIsImFybSIsIiIsIjExNi4wLjU4NDUuMTEwIixbXSwwLG51bGwsIjY0IixbWyJDaHJvbWl1bSIsIjExNi4wLjU4NDUuMTEwIl0sWyJOb3QpQTtCcmFuZCIsIjI0LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTE2LjAuNTg0NS4xMTAiXV0sMF0.&dt=1695718256752&bpp=1&bdt=27274&idt=0&shv=r20230921&mjsv=m202309200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcac7db3e4b6d6cc2-2293d1e012e40090%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_Mb-0XYffp8EzN4WmVa44ZqwGfqZ0Q&gpic=UID%3D00000c540c8065e0%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_MZmO48cOLLdciurhpR2jxCfQ8VNgw&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1005x124%2C160x600%2C160x600%2C1064x280&nras=9&correlator=3324705656305&frm=20&pv=1&ga_vid=1347674656.1695663648&ga_sid=1695718255&ga_hid=853907374&ga_fc=1&ga_cid=1240762041.1695663651&u_tz=420&u_his=1&u_h=1080&u_w=1920&u_ah=1003&u_aw=1920&u_cd=24&u_sd=1&dmc=8&adx=428&ady=4842&biw=1920&bih=918&scr_x=0&scr_y=1195&eid=44759876%2C44759927%2C44759837%2C31078144%2C44801485%2C31078087%2C44803794%2C31067146%2C31067147%2C31067148%2C31068556&oid=2&psts=AOrYGsnGjiRof0MiMxN-j93Fi8MlMRELio_KwSh15kwmk88DHKPWuSuRnkTEOvKtCYExdLw-8n6Zpz7Wg9LMvOxft5mkojq8Gq7huieCMbFai3XDnOw%2CAOrYGslM5oTdB-q34kejFDh64KGSILCEh94FclOcwbAS9L9uxzcocn-Rd-Dw7PU-KUr1QHt-pXhhj-lMp-CCemB20B-Ma4RoSMO43gopYb72olODEVk%2CAOrYGskHyNi-tCSKnLFqY7J56qlx6Eu4KBxiRPGxvPjGIwhBFjgjmjlQ5tZLaSDxLvLHli3Vuc3pltA6EXSf3F_3euZz_E5z3MSjKnBY-BttJy9LyjY&pvsid=2783241629920588&tmod=371231924&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1408&brdim=0%2C25%2C0%2C25%2C1920%2C25%2C1920%2C1003%2C1920%2C918&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&td=1&nt=1&ifi=7&uci=a!7&btvi=8&fsb=1&xpc=FQEwaTJV4u&p=https%3A//kituhay.com&dtd=1697

Requested by

Host: kytuten.lat
URL: https://kytuten.lat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a8c511941ed6c015b67ba0fb8e94bc2296d1a1bb29c68d942c4939525b0257b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kytuten.lat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46905
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 14:50:13 GMT
expires: Sat, 17 Feb 2024 14:50:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 231ms
85ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6965367340179025

Requested by

Host: kytuten.lat
URL: https://kytuten.lat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c98b59838fa22a9187e7a3ab6d72d0c629d590a5289d37ada11d2a1f112f11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kytuten.lat/
Origin: https://kytuten.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51193
x-xss-protection: 0
server: cafe
etag: 6021843416358093339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 17 Feb 2024 14:50:13 GMT

GET
H2 200 dmca_protected_sml_120m.png
images.dmca.com/Badges/ 2 KB
3 KB 151ms
3ms Image
image/png 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca_protected_sml_120m.png?ID=2b3d40ec-9e40-4f11-98bb-6fa4b8bc40fd
Requested by: Host: kytuten.lat
URL: https://kytuten.lat/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 / ASP.NET
Resource Hash: 075535cca15623d527f533d7a54e63ed6f4443eb7113d850447b959569fbc6b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:13 GMT
cdn-edgestorageid: 885
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:48
cdn-pullzone: 1574055
content-length: 2152
last-modified: Tue, 04 May 2010 23:19:10 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "20bc6d33e0ebca1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: e9de4ab91504380049905ccb4cd89f90
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 traffic.js Show response
api.uxsoft.co/storage/traffic/ 50 KB
13 KB 162ms
13ms Script
application/javascript 2606:4700:3036::ac43:d5b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.uxsoft.co/storage/traffic/traffic.js

Requested by

Host: kytuten.lat
URL: https://kytuten.lat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d5b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be26476c3678e768765259342203af3f2fcc050e12a80962b5c40ca362860597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7076
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 19 Aug 2023 07:46:41 GMT
server: cloudflare
etag: W/"64e07361-c8c2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tqbt3CbdKBcIiTk2ubZXUGH5iE5WXdP8mncBS5C%2Fvw6JGXrY8mQi4E%2FlzVpzzCZ%2FGp1OBTSa02vrPqd48AT9EYZKIcKWt%2FvlsMaLuzP29ElqOPanIxxuA2S4x%2FVHF2FZfEuktyWb9pgTYDB"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 856ed767cf929e04-EWR

GET
H2 200 a857a9b95e99384fced7ad5899d63b47.js Show response
kytuten.lat/cache/js/ 158 KB
47 KB 269ms
266ms Script
application/x-javascript 157.10.52.121
SUCCESS-VN DIGI S...

General

Check archive.org

Show headers Download Go to

Full URL: https://kytuten.lat/cache/js/a857a9b95e99384fced7ad5899d63b47.js?20240217215012
Requested by: Host: kytuten.lat
URL: https://kytuten.lat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.10.52.121 , Viet Nam, ASN151893 (SUCCESS-VN DIGI SUCCESS SERVICE COMPANY LIMITED, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ead831b285df077c5f6c8340307217613b2eb84a04365f120a43b22368d500ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:13 GMT
content-encoding: br
last-modified: Sat, 17 Feb 2024 14:50:12 GMT
server: LiteSpeed
etag: "27755-65d0c7a4-7d827;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 48136
expires: Sun, 18 Feb 2024 02:50:13 GMT

GET
H2 200 script.js Show response
link4m.co/widget/ 0
644 B 535ms
387ms Script
text/javascript 2606:4700:3033::ac43:a199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://link4m.co/widget/script.js?key=oiE4WD&v=3

Requested by

Host: kytuten.lat
URL: https://kytuten.lat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Link4m

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-powered-by: Link4m
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Etj0B24ZNyzoPRNZRsEYQPpD%2Bu4xMJAfNLWmPGo9Cf%2Flb3daD%2BTNk5gaMJars2k3E5oDUnYKSV5yXmx0YNl1mIYgiL8fsEk%2BYo681qY5MQZXC0pEk2%2FT6yrrYupGpM6KLc4J5rFtdBE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 856ed767c8834392-EWR
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 458 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7664b032875f94caaec52c8d4bb675470cc762946716a9520aea6b10231cbab2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 506 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0a07f7f3bcfd9bfc168b51aaf7521b5a67bab695d5f905811d01d8adfc7e64f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 602 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 493f003232823c056fa722160edc9330fe74d35aaa0c88084f23e9329e9e0fc6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
www.google.com/pagead/1p-user-list/786542058/ 42 B
455 B 44ms
20ms Image
image/gif 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786542058/?random=1708181412781&cv=11&fst=1708178400000&bg=ffffff&guid=ON&async=1&gtm=45He42e0v892476503za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fkytuten.lat%2F&frm=0&tiba=K%C3%AD%20T%E1%BB%B1%20%C4%90%E1%BA%B7c%20Bi%E1%BB%87t%20%C4%90%E1%BA%B9p%20%E2%9D%A4%EF%B8%8F%20T%E1%BA%A1o%20T%C3%AAn%20Game%20Hay%20%C4%90%E1%BB%99c%20Nh%E1%BA%A5t%20S%E1%BB%91%201%EF%B8%8F%E2%83%A3%20VN&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_h0ytBDzC7yn_UxKyf3-llNQ8L_qrrQ&random=1028737087&rmt_tld=0&ipr=y

Requested by

Host: kytuten.lat
URL: https://kytuten.lat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 42ms
42ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V95HGJVDN1&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07e699c35513adf701b32d04858ced2bb7bd9a518a7160879ae6d3b2b227bc09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83163
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 14:50:13 GMT

POST
H2 400 get-timer Show response
api.topkiemtien365.com/api/farmer/ 85 B
423 B 322ms
322ms Fetch
application/json 2606:4700:3034::6815:4aa7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.topkiemtien365.com/api/farmer/get-timer
Requested by: Host: api.uxsoft.co
URL: https://api.uxsoft.co/storage/traffic/traffic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 292bb07babd8ab8a954ae5a1c07074fece62d9194030717d6585404f25f40b58

Request headers

Referer: https://kytuten.lat/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Feb 2024 14:50:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-ratelimit-remaining: 59
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ST%2BWFe%2FvMxLsg6NPp0%2BBePMDTJSTL6LbBI1uSgWRbgPAhsxrFMDO2CZ9N791p%2BDYIzMwcAjFu6vJ3j7bTOTCCHLVRpkblIdg%2FJBjKXAofH8rK1Pwd71idD5tM%2F7a1Xm5JGHlLmXm8PC9atj3dDwmz7XQmNlV"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 60
cf-ray: 856ed76d9b005e62-EWR
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 get-timer
api.topkiemtien365.com/api/farmer/ Frame 0
0 878ms
831ms Preflight
text/html 2606:4700:3034::6815:4aa7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.topkiemtien365.com/api/farmer/get-timer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://kytuten.lat
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 856ed7686e6f5e62-EWR
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 14:50:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rk1TT1zk18WVyHTQBGuhWOie5mlTMzVSYvL4nr7vh7y7OtS6KM0k6Do6X8SLJRHcGr6CHBsDK7VmASUq%2ByLBuQ0qKBY0ZgWXhYYRbPKKEKMza33Qdl8T1YnsRlL2HQwtHAPS5UjVhPbTj6Yy4wdpbD0INOYp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ 407 KB
138 KB 120ms
100ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6965367340179025

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb5588d80eda0d494e98189d6765de98d395db4f8283ed2bab9eeeef04cddb34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141262
x-xss-protection: 0
server: cafe
etag: 14547110653843212240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 14:50:13 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 1120 9 KB
4 KB 6ms
5ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6965367340179025

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kytuten.lat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 60528
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 22:01:25 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 22:01:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 26ms
25ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-V95HGJVDN1&gtm=45je42e0v9108921594za200&_p=1708181412676&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=618348578.1708181413&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fkytuten.lat%2F&dt=K%C3%AD%20T%E1%BB%B1%20%C4%90%E1%BA%B7c%20Bi%E1%BB%87t%20%C4%90%E1%BA%B9p%20%E2%9D%A4%EF%B8%8F%20T%E1%BA%A1o%20T%C3%AAn%20Game%20Hay%20%C4%90%E1%BB%99c%20Nh%E1%BA%A5t%20S%E1%BB%91%201%EF%B8%8F%E2%83%A3%20VN&sid=1708181413&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3499
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V95HGJVDN1&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kytuten.lat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE52 603 B
66 B 85ms
84ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6965367340179025&output=html&adk=1812271804&adf=3025194257&lmt=1708181413&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fkytuten.lat%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708181413228&bpp=6&bdt=590&idt=306&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6281104303615&frm=20&pv=2&ga_vid=618348578.1708181413&ga_sid=1708181414&ga_hid=714405041&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081221%2C95324581%2C95325067%2C31081219%2C95323760%2C95321868%2C95324155%2C95324161%2C95324432&oid=2&pvsid=2329858488972596&tmod=1296542557&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=365

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kytuten.lat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 14:50:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame AEE4 14 KB
2 KB 47ms
24ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6371747430394119&output=html&h=280&adk=597077865&adf=1411505461&pi=t.aa~a.3539804474~i.61~rp.4&w=1064&fwrn=4&fwrnh=100&lmt=1695718258&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5692994415&ad_type=text_image&format=1064x280&url=https%3A%2F%2Fkituhay.com%2F&fwr=0&pra=3&rh=200&rw=1064&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJtYWNPUyIsIjEzLjQuMSIsImFybSIsIiIsIjExNi4wLjU4NDUuMTEwIixbXSwwLG51bGwsIjY0IixbWyJDaHJvbWl1bSIsIjExNi4wLjU4NDUuMTEwIl0sWyJOb3QpQTtCcmFuZCIsIjI0LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTE2LjAuNTg0NS4xMTAiXV0sMF0.&dt=1695718256752&bpp=1&bdt=27274&idt=0&shv=r20230921&mjsv=m202309200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcac7db3e4b6d6cc2-2293d1e012e40090%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_Mb-0XYffp8EzN4WmVa44ZqwGfqZ0Q&gpic=UID%3D00000c540c8065e0%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_MZmO48cOLLdciurhpR2jxCfQ8VNgw&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1005x124%2C160x600%2C160x600%2C1064x280&nras=9&correlator=3324705656305&frm=20&pv=1&ga_vid=1347674656.1695663648&ga_sid=1695718255&ga_hid=853907374&ga_fc=1&ga_cid=1240762041.1695663651&u_tz=420&u_his=1&u_h=1080&u_w=1920&u_ah=1003&u_aw=1920&u_cd=24&u_sd=1&dmc=8&adx=428&ady=4842&biw=1920&bih=918&scr_x=0&scr_y=1195&eid=44759876%2C44759927%2C44759837%2C31078144%2C44801485%2C31078087%2C44803794%2C31067146%2C31067147%2C31067148%2C31068556&oid=2&psts=AOrYGsnGjiRof0MiMxN-j93Fi8MlMRELio_KwSh15kwmk88DHKPWuSuRnkTEOvKtCYExdLw-8n6Zpz7Wg9LMvOxft5mkojq8Gq7huieCMbFai3XDnOw%2CAOrYGslM5oTdB-q34kejFDh64KGSILCEh94FclOcwbAS9L9uxzcocn-Rd-Dw7PU-KUr1QHt-pXhhj-lMp-CCemB20B-Ma4RoSMO43gopYb72olODEVk%2CAOrYGskHyNi-tCSKnLFqY7J56qlx6Eu4KBxiRPGxvPjGIwhBFjgjmjlQ5tZLaSDxLvLHli3Vuc3pltA6EXSf3F_3euZz_E5z3MSjKnBY-BttJy9LyjY&pvsid=2783241629920588&tmod=371231924&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1408&brdim=0%2C25%2C0%2C25%2C1920%2C25%2C1920%2C1003%2C1920%2C918&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&td=1&nt=1&ifi=7&uci=a!7&btvi=8&fsb=1&xpc=FQEwaTJV4u&p=https%3A//kituhay.com&dtd=1697

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 14:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 14:41:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 14:50:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame AEE4 2 KB
903 B 41ms
6ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:59:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame AEE4 23 KB
9 KB 34ms
8ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 13:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 13:15:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame AEE4 3 KB
1 KB 32ms
7ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77904
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame AEE4 20 KB
8 KB 38ms
4ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77904
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:11:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AEE4 0
0 26ms
25ms Image
text/html 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7ACV1hQ0zSFfvFbBMBCdVUZCJJs0Oa7CA11BWRop5BCBZ8qVl7k-SsLj6aOhhc2BNkAuVn-u17Jjkc2C2MagKNkJX8w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6371747430394119&output=html&h=280&adk=597077865&adf=1411505461&pi=t.aa~a.3539804474~i.61~rp.4&w=1064&fwrn=4&fwrnh=100&lmt=1695718258&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5692994415&ad_type=text_image&format=1064x280&url=https%3A%2F%2Fkituhay.com%2F&fwr=0&pra=3&rh=200&rw=1064&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJtYWNPUyIsIjEzLjQuMSIsImFybSIsIiIsIjExNi4wLjU4NDUuMTEwIixbXSwwLG51bGwsIjY0IixbWyJDaHJvbWl1bSIsIjExNi4wLjU4NDUuMTEwIl0sWyJOb3QpQTtCcmFuZCIsIjI0LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTE2LjAuNTg0NS4xMTAiXV0sMF0.&dt=1695718256752&bpp=1&bdt=27274&idt=0&shv=r20230921&mjsv=m202309200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcac7db3e4b6d6cc2-2293d1e012e40090%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_Mb-0XYffp8EzN4WmVa44ZqwGfqZ0Q&gpic=UID%3D00000c540c8065e0%3AT%3D1695663648%3ART%3D1695718255%3AS%3DALNI_MZmO48cOLLdciurhpR2jxCfQ8VNgw&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1110x280%2C1005x124%2C160x600%2C160x600%2C1064x280&nras=9&correlator=3324705656305&frm=20&pv=1&ga_vid=1347674656.1695663648&ga_sid=1695718255&ga_hid=853907374&ga_fc=1&ga_cid=1240762041.1695663651&u_tz=420&u_his=1&u_h=1080&u_w=1920&u_ah=1003&u_aw=1920&u_cd=24&u_sd=1&dmc=8&adx=428&ady=4842&biw=1920&bih=918&scr_x=0&scr_y=1195&eid=44759876%2C44759927%2C44759837%2C31078144%2C44801485%2C31078087%2C44803794%2C31067146%2C31067147%2C31067148%2C31068556&oid=2&psts=AOrYGsnGjiRof0MiMxN-j93Fi8MlMRELio_KwSh15kwmk88DHKPWuSuRnkTEOvKtCYExdLw-8n6Zpz7Wg9LMvOxft5mkojq8Gq7huieCMbFai3XDnOw%2CAOrYGslM5oTdB-q34kejFDh64KGSILCEh94FclOcwbAS9L9uxzcocn-Rd-Dw7PU-KUr1QHt-pXhhj-lMp-CCemB20B-Ma4RoSMO43gopYb72olODEVk%2CAOrYGskHyNi-tCSKnLFqY7J56qlx6Eu4KBxiRPGxvPjGIwhBFjgjmjlQ5tZLaSDxLvLHli3Vuc3pltA6EXSf3F_3euZz_E5z3MSjKnBY-BttJy9LyjY&pvsid=2783241629920588&tmod=371231924&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1408&brdim=0%2C25%2C0%2C25%2C1920%2C25%2C1920%2C1003%2C1920%2C918&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&td=1&nt=1&ifi=7&uci=a!7&btvi=8&fsb=1&xpc=FQEwaTJV4u&p=https%3A//kituhay.com&dtd=1697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AEE4 204 KB
61 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 15:01:35 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame AEE4 36 KB
15 KB 28ms
4ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:31:33 GMT

GET
H2 200 3476445066299407086
tpc.googlesyndication.com/simgad/6038397779503263174/ Frame AEE4 24 KB
24 KB 29ms
10ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6038397779503263174/3476445066299407086?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b6d0f470c436831a3f6d9cd523136d0f12b989761fafa682f9d621222126e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 20:37:09 GMT
date: Thu, 15 Feb 2024 20:37:09 GMT
x-content-type-options: nosniff
age: 151984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24400
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 11:08:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A6C4 1 KB
643 B 6ms
3ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 61371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 21:47:22 GMT
etag: 48472445140208031
expires: Sat, 17 Feb 2024 21:47:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AEE4 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AEE4 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A6C4
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM09KsaQhnP4mjy1uqZgT7I&google_cver=1&google_push=AXcoOmSf656fv5cFdN1WGAFUCG4zNnk27vNGWytMkuRDrYT1UeOthgdHpbeXgOucPWMquK-YvWrPNXPVo7pbkJc5FzYoXn2OoA86FC0
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA0NjA2NzYyNDMzMTM0NzI0Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM09KsaQhnP4mjy1uqZgT7I&google_cver=1

43 B
398 B

85ms
27ms

Image
image/gif

2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM09KsaQhnP4mjy1uqZgT7I&google_cver=1
Protocol: H2
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Feb 2024 14:50:13 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM09KsaQhnP4mjy1uqZgT7I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6C4
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEI-GrTQ3w6LMDZjettXyrWg&google_cver=1&google_push=AXcoOmTqgjtbKaDo1Ap0wuDH1Kc1tvhhoNmEysEWyE-GIojDi3mU51i4kpAknvKnu9Zb85r4MpVHm_QT0Sa8XZzC5cEQ1t4oh6sE9OE
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmTqgjtbKaDo1Ap0wuDH1Kc1tvhhoNmEysEWyE-GIojDi3mU51i4kpAknvKnu9Zb8...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTqgjtbKaDo1Ap0wuDH1Kc1tvhhoNmEysEWyE-GIojDi3mU51i4kpAknvKnu9Zb85r4MpVHm_QT0Sa8XZzC5cEQ1t4oh6sE9OE&google_cver=1&go...

170 B
188 B

20ms
20ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTqgjtbKaDo1Ap0wuDH1Kc1tvhhoNmEysEWyE-GIojDi3mU51i4kpAknvKnu9Zb85r4MpVHm_QT0Sa8XZzC5cEQ1t4oh6sE9OE&google_cver=1&google_gid=CAESEI-GrTQ3w6LMDZjettXyrWg&google_hm=UTc2MTQ2NzgxMzEzNjcwOTk5Mjg=

Protocol

Server

142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Feb 2024 14:50:13 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTqgjtbKaDo1Ap0wuDH1Kc1tvhhoNmEysEWyE-GIojDi3mU51i4kpAknvKnu9Zb85r4MpVHm_QT0Sa8XZzC5cEQ1t4oh6sE9OE&google_cver=1&google_gid=CAESEI-GrTQ3w6LMDZjettXyrWg&google_hm=UTc2MTQ2NzgxMzEzNjcwOTk5Mjg=
Content-Type: text/html
Cache-Control: max-age=12492
Connection: keep-alive
Content-Length: 154

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6C4
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIHeypRZ0JqVBicq1Auv93w&google_cver=1&google_push=AXcoOmRPuqbMrfD5FdBTSoQudQc6q9a12u2535XiFhVAWErbqGFULig...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=535ccc796aa6050e&is_secure=true&networkId=14000&version=1&google_gid=CAESEIHeypRZ0JqVBicq1Auv93w&google_cver=1&google_push=AXcoOmRPuqbM...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACLLyXVZsLjwNHU8U1AAAAAAA&expiration=1708267813&google_cver=1&is_secure=true&google_gid=CAESEIHeypRZ0JqVBicq1Auv9...

170 B
188 B

24ms
24ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACLLyXVZsLjwNHU8U1AAAAAAA&expiration=1708267813&google_cver=1&is_secure=true&google_gid=CAESEIHeypRZ0JqVBicq1Auv93w&google_push=AXcoOmRPuqbMrfD5FdBTSoQudQc6q9a12u2535XiFhVAWErbqGFULigqff_iZuHfQkAVJhesKqzE2LFcsKd38LU_rEU0AySxJ-VTuIw

Protocol

Server

142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:13 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACLLyXVZsLjwNHU8U1AAAAAAA&expiration=1708267813&google_cver=1&is_secure=true&google_gid=CAESEIHeypRZ0JqVBicq1Auv93w&google_push=AXcoOmRPuqbMrfD5FdBTSoQudQc6q9a12u2535XiFhVAWErbqGFULigqff_iZuHfQkAVJhesKqzE2LFcsKd38LU_rEU0AySxJ-VTuIw
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6C4
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECotkgNaMBqzaXnashHKXiE&google_cver=1&google_push=AXcoOmSTwq0A_slKzLmvy40c-Uqu7tu2hzJ1omSrcSgM6IuLr3Bh4xJ6vZ2GLsV4SPv5htaDWuAoRcMvWt03EvOV...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HsH2sakfSM8Us2qQhHsjfg&google_push=AXcoOmSTwq0A_slKzLmvy40c-Uqu7tu2hzJ1omSrcSgM6IuLr3Bh4xJ6vZ2GLsV4SPv5htaDWuAoRcMvWt03EvOVRm5IMIbdl-0LOM4

170 B
188 B

24ms
24ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HsH2sakfSM8Us2qQhHsjfg&google_push=AXcoOmSTwq0A_slKzLmvy40c-Uqu7tu2hzJ1omSrcSgM6IuLr3Bh4xJ6vZ2GLsV4SPv5htaDWuAoRcMvWt03EvOVRm5IMIbdl-0LOM4

Requested by

Protocol

Server

142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Feb 2024 14:50:13 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HsH2sakfSM8Us2qQhHsjfg&google_push=AXcoOmSTwq0A_slKzLmvy40c-Uqu7tu2hzJ1omSrcSgM6IuLr3Bh4xJ6vZ2GLsV4SPv5htaDWuAoRcMvWt03EvOVRm5IMIbdl-0LOM4
x-host: tde-deliveryengine-production-7fbb6d4658-sd8bj
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame A6C4 43 B
641 B 560ms
171ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEICB0EUD8WdIs2xLG6vw6SI&google_cver=1&google_push=AXcoOmS3QFvbtILziEGALtqPjMTbMlbe_wfV2ppZ2MBDPq4BbapOFDPRr8Oo1sakCx3VhQetWAv5CypGyEj5ODjYF6N3h1yeNcGuru0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 14:50:14 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A6C4
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEM69-IdROAxxXb1N2lGlzbU&google_cver=1&google_push=AXcoOmR_YVOYjHXsS1GwwIRTAgEBDjwCM7TVgGezXtJAx44ddndfUO89MQ8wNrGFNNnFzu2udby2t9M7iznAiwG...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=fEywqSz8sEuNLy1oCq5YSw&google_push=AXcoOmR_YVOYjHXsS1GwwIRTAgEBDjwCM7TVgGezXtJAx44ddndfUO89MQ8wNrGFNNnFzu2udby2t9M7iznAiwGEW8soD7gje...

170 B
329 B

27ms
26ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=fEywqSz8sEuNLy1oCq5YSw&google_push=AXcoOmR_YVOYjHXsS1GwwIRTAgEBDjwCM7TVgGezXtJAx44ddndfUO89MQ8wNrGFNNnFzu2udby2t9M7iznAiwGEW8soD7gjeiBU-FY

Requested by

Protocol

Server

142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=fEywqSz8sEuNLy1oCq5YSw&google_push=AXcoOmR_YVOYjHXsS1GwwIRTAgEBDjwCM7TVgGezXtJAx44ddndfUO89MQ8wNrGFNNnFzu2udby2t9M7iznAiwGEW8soD7gjeiBU-FY
Date: Sat, 17 Feb 2024 14:50:13 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame A6C4
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEAnUPrPFc7z7Lpk-TQDDR9g?ext-param=AXcoOmRHRbXnR1-S6-m42FZ2MJo9MQNeh8m3W0-hZ5lctJsTxzc--kJPdJiD6TTp7j74GHQ0KKbjoHAtdsO6WACxZzHHYTdt3cDNVmw&partner-tag=yandex_a...
https://yandex.ru/an/mapuid/google/CAESEAnUPrPFc7z7Lpk-TQDDR9g?redir-setuniq=1&ext-param=AXcoOmRHRbXnR1-S6-m42FZ2MJo9MQNeh8m3W0-hZ5lctJsTxzc--kJPdJiD6TTp7j74GHQ0KKbjoHAtdsO6WACxZzHHYTdt3cDNVmw&part...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAnUPrPFc7z7Lpk-TQDDR9g&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
169 B

117ms
116ms

Image
image/gif

2a02:6b8::90
TELETECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-security-policy-report-only: default-src 'none'; base-uri 'none'; script-src 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech http://an.yandex.ru; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs-partner-ro&project=yabs&yandex_login=&platform=
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 01 Feb 2025 14:50:14 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A6C4 0
130 B 66ms
33ms Image
text/html 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4KkMNYPMwD3zpyDTegU23y9mFu7x0sna7yCzov9FFYEVAR7d6wwEIIa8ImGtsTf64mTqllio

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame AEE4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac926a0cc1ebb7594cd7f857df33f7a1b4d43684909d3780d2ee36a5929cf917

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame AEE4 33 KB
34 KB 23ms
3ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:24:54 GMT
x-content-type-options: nosniff
age: 159919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 18:24:54 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame AEE4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cpz5bpcfQZYOIBt6BoPMPrZO54ATkw-nfdfbXuOKBEtrZHhABIIvAqYMBYMnGqYvApNgPoAGRzbS-A8gBCagDAcgDywSqBMQBT9Awd7VBeyAv2JzzBCHR234TPvQg7djkkgK3cvS_rTdS33p...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc11ccb2e375db32d0000000000000000%22,%222%22:%220x23a7ae99f1e234e30000000000000000%22,%223%22:%220x8895ed...

0
0

109ms
79ms

Fetch
text/css

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc11ccb2e375db32d0000000000000000%22,%222%22:%220x23a7ae99f1e234e30000000000000000%22,%223%22:%220x8895ed5a15b0d6020000000000000000%22,%224%22:%220x741951b3b27161ce0000000000000000%22,%225%22:%220x4baa5f97ee356bb30000000000000000%22},%22debug_key%22:%2218252304496363863078%22,%22debug_reporting%22:true,%22destination%22:%22https://dialpad.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22936191633%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228440657015486139169%22}&andc=true

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc11ccb2e375db32d0000000000000000","2":"0x23a7ae99f1e234e30000000000000000","3":"0x8895ed5a15b0d6020000000000000000","4":"0x741951b3b27161ce0000000000000000","5":"0x4baa5f97ee356bb30000000000000000"},"debug_key":"18252304496363863078","debug_reporting":true,"destination":"https://dialpad.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["936191633"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"8440657015486139169"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 14:50:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 14:50:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc11ccb2e375db32d0000000000000000","2":"0x23a7ae99f1e234e30000000000000000","3":"0x8895ed5a15b0d6020000000000000000","4":"0x741951b3b27161ce0000000000000000","5":"0x4baa5f97ee356bb30000000000000000"},"debug_key":"18252304496363863078","debug_reporting":true,"destination":"https://dialpad.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["936191633"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"8440657015486139169"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 99ms
98ms XHR
application/json 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0087b9237bb604a94e2bd395cc643ca1f9d0d8e9b0de3ae92840a90ca5630866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12342
x-xss-protection: 0

GET
H3 200 QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A20 51 KB
19 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:38:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19784
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:38:22 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 97ms
68ms Preflight
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 14:50:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 40ms
39ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 14:50:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C51 13 KB
5 KB 5ms
4ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kytuten.lat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 67302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 20:08:31 GMT
expires: Sat, 15 Feb 2025 20:08:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EBA8 829 B
559 B 27ms
26ms Document
text/html 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f95a15cce00f8617e13bc0f83bc180c0c7504dd6465da206302b50f0ec0527f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fzlKq7llbKMNs_XsiBJLsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kytuten.lat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fzlKq7llbKMNs_XsiBJLsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 14:50:13 GMT
expires: Sat, 17 Feb 2024 14:50:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C51 39 KB
15 KB 6ms
6ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 20:08:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EBA8 0
0 66ms
66ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=2329858488972596&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4C51 0
10 B 4ms
3ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hu9m7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:50:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
71ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=2329858488972596&bg=!urmlufbNAAZN4L4YbeA7ADQBe5WfOBFeyEfki-5prHtEZ3BHXf-UTng2g1YSTJ63nc2ENoEfT7BdHDxeyDe6WeHMCzHXAgAAAGlSAAAAA2gBBwoATkblk83E5rkOQ7v0Dqcf5eFtYNItR_Co1UM5SwDTuDPxAY5EsLIH2Z7Raw6gz12pmHo4t8UIzHkmheccymMnULHZ6DwjjCqHKnfW0F82d5kCyxxT0IDqFj2Nks_bM68fG6Wxbp2yaOre_vcBeLoSu-zc6LGLzgk4OfoyWQjaC1ty-PYMlrpF7CTqQzvqaigWSvhLdZ4fz2K9pPCgHWSVVVhFh0R3qwLnAKPc8v805WF19sG-gr5OYPwSilOG9b7h-ePi_iz2L74rCP1Duz5hIR8iaBmYOLwgMj_fJmxH6zxx82OQlxsx3PSEqlmcul3kBfuv73ih7CvgMTfzIWgFeJvXuMvYeHRtp2t7NOf70_kTL1LFmDITIbE_YnJQzY3Ds77_zqlnaK6g8ju8ULN14bNXMZyuzepqKtZD9CA3f4qYvlrAfyA5aGmRYLsshErBaJACLbjwREoxFFqvedkWhbLf1wU_DNi9hKS4l_dtsdaHInQ3wZNM9Q743cmDufHkGh-W5po0alcVVKUScFio2QRFLIN1D4fxezclYGONuJnLrCPbeLoQZ9B1nwKX7F7FzbACwEe_dFj241ZP1w883YneCZB-ylDIU2dgepkOC6rdiXvtYid7xNBdgwdOHuUDKnICzMPULnEhfTgicfb7Tw7rCYPFmrA9fLdqdYML4yaG9WoNYvPW80vqQPtI9rJlzH0-IxzOCXTJyZOnKlmu1uuaAO_hO885CADPlH4ohGtjBHLFDv4qzm63k3y-yuoaRSq7YrvK7q6uZaGtWIcUevw8Zo0NgJZKXmNSimxEBvrBXmqaNPdIzR2Xb-Dz5WWJxMfahuJAe0S3wfyL5zD-xuNrSTA0sMalCFJHvnDUDUP19AXiwGTuj7YD_-RLfd7cZWFVxPSjYrWYhv9COydAvbGGc1OD7Bj8daMTeTvh2ySTsYnh6RiMT_8PJYtPIMr2Zw-hdA6XyIkWwDws6BxzuXf1j7FMU6Bcc2DRXCl_wqPE1ISnZylG5A2YMbSl4aDmc4B4qKEabOQbHbZlI9RRFf2JDw9F5INNj-0YS1U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 36ms
35ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WWD2Q2G3YW&gtm=45je42e0v892317122za200&_p=1708181412676&gcd=13l3l3l3l1&npa=0&dma=0&cid=618348578.1708181413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1708181412&sct=1&seg=0&dl=https%3A%2F%2Fkytuten.lat%2F&dt=K%C3%AD%20T%E1%BB%B1%20%C4%90%E1%BA%B7c%20Bi%E1%BB%87t%20%C4%90%E1%BA%B9p%20%E2%9D%A4%EF%B8%8F%20T%E1%BA%A1o%20T%C3%AAn%20Game%20Hay%20%C4%90%E1%BB%99c%20Nh%E1%BA%A5t%20S%E1%BB%91%201%EF%B8%8F%E2%83%A3%20VN&en=scroll&epn.percent_scrolled=90&_et=31&tfd=8056
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WWD2Q2G3YW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kytuten.lat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
23ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-K65ZB0PB98&gtm=45je42e0v889849833za200&_p=1708181412676&gcd=13l3l3l3l1&npa=0&dma=0&cid=618348578.1708181413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1708181412&sct=1&seg=0&dl=https%3A%2F%2Fkytuten.lat%2F&dt=K%C3%AD%20T%E1%BB%B1%20%C4%90%E1%BA%B7c%20Bi%E1%BB%87t%20%C4%90%E1%BA%B9p%20%E2%9D%A4%EF%B8%8F%20T%E1%BA%A1o%20T%C3%AAn%20Game%20Hay%20%C4%90%E1%BB%99c%20Nh%E1%BA%A5t%20S%E1%BB%91%201%EF%B8%8F%E2%83%A3%20VN&en=scroll&epn.percent_scrolled=90&_et=19&tfd=8070
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K65ZB0PB98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kytuten.lat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 135ms
19ms Script
text/javascript 2607:f8b0:4006:80d::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: kytuten.lat
URL: https://kytuten.lat/cache/js/a857a9b95e99384fced7ad5899d63b47.js?20240217215012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e23a7507aebfd7528cc99957bbaa4a9917de241a5559fa73ed0ed51e424aebff

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Feb 2024 14:50:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "9127b207f82b7141"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 14:50:18 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=plus/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/ 200 KB
69 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:80d::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=plus/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c2b7033fa5bb0412363fd525be94e7f934345fa6ec5eb9435154affa461e7582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69927
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 17:51:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 15:21:40 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=auth/exm=plus/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/ 78 KB
27 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:80d::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=auth/exm=plus/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a6744bc9ed14199df4dcaa58fd1ed5be8bb7522366e23ef1e322011767d9d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kytuten.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 10:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27859
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 17:51:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 10:55:30 GMT

GET
H2

200

/
developers.google.com/ Frame 012D
Redirect Chain

https://apis.google.com/u/0/se/0/_/+1/sharebutton?plusShare=true&usegapi=1&action=share&annotation=bubble&origin=https%3A%2F%2Fkytuten.lat&url=https%3A%2F%2Fkytuten.lat%2F&gsrc=3p&ic=1&jsh=m%3B%2F_...
https://developers.google.com/

0
0

1016ms
998ms

Document
text/html

2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://developers.google.com/

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-GrHJAwhZPra23CyuAHbObz9D/Rc/IT' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kytuten.lat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 27903
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-GrHJAwhZPra23CyuAHbObz9D/Rc/IT' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type: text/html; charset=utf-8
date: Sat, 17 Feb 2024 14:50:19 GMT
expires: 0
last-modified: Fri, 16 Feb 2024 18:13:17 GMT
pragma: no-cache
server: Google Frontend
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Cookie Accept-Encoding
x-cloud-trace-context: 1869032bb8b8a115e974ee1163ef9f43
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1800
content-length: 226
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 14:50:18 GMT
expires: Sat, 17 Feb 2024 15:20:18 GMT
location: http://developers.google.com/
server: sffe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame DCDE 565 B
879 B 89ms
44ms Document
text/html 2607:f8b0:4023:1407::54

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkytuten.lat&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=auth/exm=plus/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1407::54 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

3bb15f51f782eebcafa361412f3cf0995abf5d59716f428c4aa8da39cbe60684

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-HzXDKMNIRFSFxfW7h_Mw5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kytuten.lat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-HzXDKMNIRFSFxfW7h_Mw5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Sat, 17 Feb 2024 14:50:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 cspreport
accounts.google.com/o/ Frame DCDE 0
230 B 45ms
43ms Other
text/html 2607:f8b0:4023:1407::54

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: kytuten.lat
URL: https://kytuten.lat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1407::54 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D1IUxXMtYZ1HAxgs01-hWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkytuten.lat&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 14:50:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-D1IUxXMtYZ1HAxgs01-hWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 478691279-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame DCDE 12 KB
6 KB 41ms
3ms Script
text/javascript 2607:f8b0:4006:80d::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkytuten.lat&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 09:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5186
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 05:05:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 09:32:29 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame DCDE 18 KB
7 KB 18ms
18ms Script
text/javascript 2607:f8b0:4006:80d::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

09308ada60e95c434dee4dd6e8dd7a4f0800bd446a770fd2aa915dc178ec7de3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Feb 2024 14:50:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7123
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "3b6912b41d0e7996"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 14:50:18 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/ Frame DCDE 64 KB
23 KB 6ms
4ms Script
text/javascript 2607:f8b0:4006:80d::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a6b92e1a8f4f0dedb2d7077a131a47af0401c794a0bdfdf94bf8ca5996979c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 19:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23093
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 17:51:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 19:28:02 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kytuten.lat/	1969-12-31 23:59:59	Name: PHPSESSID Value: m7b7p6tiuvvo0aormmdpkc3hro
.kytuten.lat/	1970-01-20 20:39:17	Name: _gcl_au Value: 1.1.796498863.1708181413
.kytuten.lat/	1970-01-21 04:05:41	Name: _ga_WWD2Q2G3YW Value: GS1.1.1708181412.1.0.1708181412.0.0.0
.kytuten.lat/	1970-01-21 04:05:41	Name: _ga_K65ZB0PB98 Value: GS1.1.1708181412.1.0.1708181412.0.0.0
.kytuten.lat/	1970-01-21 04:05:41	Name: _ga Value: GA1.2.618348578.1708181413
.kytuten.lat/	1970-01-20 18:31:07	Name: _gid Value: GA1.2.1493168714.1708181413
.kytuten.lat/	1970-01-20 18:29:41	Name: _gat_UA-238389093-1 Value: 1
.kytuten.lat/	1970-01-21 04:05:41	Name: _ga_V95HGJVDN1 Value: GS1.2.1708181413.1.0.1708181413.0.0.0
.doubleclick.net/	1970-01-21 04:05:41	Name: IDE Value: AHWqTUn45pYOn0RENspAxVS0FrCPLi-U9rQTrqDOCFa9yJz5vUMifDjcmPVqnCcOems
beacon.lynx.cognitivlabs.com/	1970-01-21 03:16:43	Name: UID Value: a9b04c7c-fc2c-4bb0-8d2f-2d680aae584b
beacon.lynx.cognitivlabs.com/	1970-01-21 03:16:43	Name: ss Value: v9ey9XHzfh7c5eI%2FiPL3DFI9oMCS%2B1Ltkg1yeoTUkTN6JkBkglswFeKnEU62dJzz5zg%2BtzDddA7A%2Bp5XSBXjDQ%3D%3D
.travelaudience.com/	1970-01-21 03:57:03	Name: _tracker Value: %7B%22UUID%22%3A%221EC1F6B1-A91F-48CF-14B3-6A90847B237E%22%7D
.turn.com/	1970-01-20 22:48:53	Name: uid Value: 9046067624331347243
.owneriq.net/	1970-01-21 04:05:41	Name: si Value: Q7614678131367099928P
.owneriq.net/	1970-01-20 18:44:05	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 18:44:05	Name: gguuid Value: 1
.dotomi.com/	1970-01-20 18:29:41	Name: DotomiTest Value: 535ccc796aa6050e
.yandex.ru/	1970-01-21 04:05:41	Name: yuidss Value: 8817293021708181413
.googleadservices.com/	1970-01-20 20:39:17	Name: ar_debug Value: 1
.send.microad.jp/	1970-01-20 20:39:17	Name: TR Value: 119dcd5b8a4ea077b549834bda944908d8f9735ad83d1284
.yandex.ru/	1970-01-21 04:05:41	Name: i Value: V5F4DEj0pzM1bkM1dyHjPLuIZfX15ZMeC6CAcgcyVs6FnYvXngibByGP51PVDpmcJ1o0I4MlTGRhH1rqhIKFJFxsH14=
.yandex.ru/	1970-01-21 04:05:41	Name: yandexuid Value: 5515085791708181414

46 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://kytuten.lat/(Line 7570) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6965367340179025&output=html&adk=1812271804&adf=3025194257&lmt=1708181413&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fkytuten.lat%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708181413228&bpp=6&bdt=590&idt=306&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6281104303615&frm=20&pv=2&ga_vid=618348578.1708181413&ga_sid=1708181414&ga_hid=714405041&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081221%2C95324581%2C95325067%2C31081219%2C95323760%2C95321868%2C95324155%2C95324161%2C95324432&oid=2&pvsid=2329858488972596&tmod=1296542557&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=365 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.topkiemtien365.com/api/farmer/get-timer Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kytuten.lat/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://developers.google.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.turn.com
ads.travelaudience.com
aid.send.microad.jp
an.yandex.ru
api.topkiemtien365.com
api.uxsoft.co
apis.google.com
beacon.lynx.cognitivlabs.com
cm.g.doubleclick.net
dclk-match.dotomi.com
developers.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.dmca.com
kytuten.lat
link4m.co
pagead2.googlesyndication.com
px.owneriq.net
r.turn.com
ssl.gstatic.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
yandex.ru
142.250.80.2
142.250.80.98
157.10.52.121
18.215.133.183
202.233.84.1
23.76.43.24
2606:4700:3033::ac43:a199
2606:4700:3034::6815:4aa7
2606:4700:3036::ac43:d5b5
2606:ae80:1471:1c::2010
2607:f8b0:4006:807::2002
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::200e
2607:f8b0:4006:817::2008
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81f::2001
2607:f8b0:4006:81f::2004
2607:f8b0:4006:820::2003
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::200e
2607:f8b0:4023:1407::54
2620:112:f002:bbbb::21
2a02:6b8::90
2a02:6b8:a::a
2a02:6ea0:c454::1
35.190.0.66
0087b9237bb604a94e2bd395cc643ca1f9d0d8e9b0de3ae92840a90ca5630866
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
075535cca15623d527f533d7a54e63ed6f4443eb7113d850447b959569fbc6b3
07e699c35513adf701b32d04858ced2bb7bd9a518a7160879ae6d3b2b227bc09
09308ada60e95c434dee4dd6e8dd7a4f0800bd446a770fd2aa915dc178ec7de3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
1a8c511941ed6c015b67ba0fb8e94bc2296d1a1bb29c68d942c4939525b0257b
224d3653180187869549492cc115e50089b40cb0a2f6ac79d4cc14e83612f250
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
292bb07babd8ab8a954ae5a1c07074fece62d9194030717d6585404f25f40b58
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33a71d68dfc2ad2c6ea777dde07b3b8957e414250a9f2992f9ae6dd81ae1bf54
3bb15f51f782eebcafa361412f3cf0995abf5d59716f428c4aa8da39cbe60684
3f95a15cce00f8617e13bc0f83bc180c0c7504dd6465da206302b50f0ec0527f
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
458abeb71fd85cc4a455d260bc6c84199259beea8ffac264e2a689ae4645eeae
46a94b8ad7192887f8f2fe0d4be4cb4c0ed62f74b7489ceefa94b39b4966592e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493f003232823c056fa722160edc9330fe74d35aaa0c88084f23e9329e9e0fc6
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c98b59838fa22a9187e7a3ab6d72d0c629d590a5289d37ada11d2a1f112f11f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
7664b032875f94caaec52c8d4bb675470cc762946716a9520aea6b10231cbab2
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166
8b6d0f470c436831a3f6d9cd523136d0f12b989761fafa682f9d621222126e1d
90977487ab9e0cceb2904f7fe6e2366463466c46edc007738bb7edd033507ab5
967c09a0617bd356a7729c14942414ed68c70ba90516d1c4970b417ac0a9f176
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a6744bc9ed14199df4dcaa58fd1ed5be8bb7522366e23ef1e322011767d9d876
a6b92e1a8f4f0dedb2d7077a131a47af0401c794a0bdfdf94bf8ca5996979c6c
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
ac926a0cc1ebb7594cd7f857df33f7a1b4d43684909d3780d2ee36a5929cf917
b043fbd62887397507b9e8c4ed5ae7e1d599573fb732521aa731ec2a4e55709d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
be26476c3678e768765259342203af3f2fcc050e12a80962b5c40ca362860597
c025d58a0d9c50fea813bba8feb95b3463822d091bc31928d11ff76772f3d313
c0a07f7f3bcfd9bfc168b51aaf7521b5a67bab695d5f905811d01d8adfc7e64f
c24d9761622eca2a012a72722492f5a03adddbacc5efc74b10bac77093033b4a
c2b7033fa5bb0412363fd525be94e7f934345fa6ec5eb9435154affa461e7582
d61456cd5b10db0695a20a25d575cafd3a426e1ddd8196300e0d6d30bec27cb6
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23a7507aebfd7528cc99957bbaa4a9917de241a5559fa73ed0ed51e424aebff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ead831b285df077c5f6c8340307217613b2eb84a04365f120a43b22368d500ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb5588d80eda0d494e98189d6765de98d395db4f8283ed2bab9eeeef04cddb34

kytuten.lat Open in urlscan Pro 157.10.52.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

68 Requests

90 %HTTPS

75 %IPv6

20 Domains

29 Subdomains

24 IPs

4 Countries

1252 kBTransfer

3614 kBSize

22 Cookies

7 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kytuten.lat Open in urlscan Pro
157.10.52.121 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

90 %
HTTPS

75 %
IPv6

20
Domains

29
Subdomains

24
IPs

4
Countries

1252 kB
Transfer

3614 kB
Size

22
Cookies

68 HTTP transactions
6 data transactions