urlscan.io logo urlscan.io
SecurityTrails logo

kiemtienonline.vansuapp.com Open in urlscan Pro
2607:f8b0:4002:c09::79  Public Scan

Go To Rescan Add Verdict Report
URL: https://kiemtienonline.vansuapp.com/
Submission: On March 30 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 54 HTTP transactions. The main IP is 2607:f8b0:4002:c09::79, located in Atlanta, United States and belongs to GOOGLE, US. The main domain is kiemtienonline.vansuapp.com.
TLS certificate: Issued by GTS CA 1D4 on March 30th 2024. Valid for: 3 months.
This is the only time kiemtienonline.vansuapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2607:f8b0:4002:c09::79 (Atlanta, United States)

ASN15169 (GOOGLE, US)
kiemtienonline.vansuapp.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2607:f8b0:4002:c05::84 (Atlanta, United States)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
5    172.253.124.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ys-in-f154.1e100.net
pagead2.googlesyndication.com
1    112.213.89.115 (Viet Nam)

ASN45544 (SUPERDATA-AS-VN SUPERDATA-, VN)
PTR: babyshark.maychu.cloud
dvms.com.vn
1    2607:f8b0:4002:c0c::bf (Atlanta, United States)

ASN15169 (GOOGLE, US)
www.blogger.com
4    2607:f8b0:4002:c08::5e (Atlanta, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    142.250.81.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f1.1e100.net
lh3.googleusercontent.com
blogger.googleusercontent.com
5    64.233.185.156 (United States)

ASN15169 (GOOGLE, US)
PTR: yb-in-f156.1e100.net
googleads.g.doubleclick.net
2    2607:f8b0:4002:c0c::64 (Atlanta, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
11    74.125.138.101 (United States)

ASN15169 (GOOGLE, US)
PTR: yi-in-f101.1e100.net
fundingchoicesmessages.google.com
2    2607:f8b0:4002:c0c::84 (Atlanta, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    64.233.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: yb-in-f99.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
14 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653
www.google.com — Cisco Umbrella Rank: 2
73 KB
12 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 11416
lh3.googleusercontent.com — Cisco Umbrella Rank: 46
236 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
tpc.googlesyndication.com — Cisco Umbrella Rank: 162
263 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
4 gstatic.com
fonts.gstatic.com
245 KB
4 vansuapp.com
kiemtienonline.vansuapp.com
62 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 234
114 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 182
90 KB
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 11996
51 KB
1 dvms.com.vn
dvms.com.vn
311 KB
54 10
Domain Requested by
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
6 lh3.googleusercontent.com kiemtienonline.vansuapp.com
6 blogger.googleusercontent.com kiemtienonline.vansuapp.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 pagead2.googlesyndication.com kiemtienonline.vansuapp.com
pagead2.googlesyndication.com
4 fonts.gstatic.com kiemtienonline.vansuapp.com
4 kiemtienonline.vansuapp.com www.blogger.com
3 cdnjs.cloudflare.com kiemtienonline.vansuapp.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 connect.facebook.net kiemtienonline.vansuapp.com
connect.facebook.net
1 www.google.com tpc.googlesyndication.com
1 www.blogger.com kiemtienonline.vansuapp.com
1 dvms.com.vn kiemtienonline.vansuapp.com
54 13
Subject Issuer Validity Valid
kiemtienonline.vansuapp.com
GTS CA 1D4		 2024-03-30 -
2024-06-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-07 -
2024-04-06		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
dvms.com.vn
R3		 2024-03-01 -
2024-05-30		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://kiemtienonline.vansuapp.com/
Frame ID: 0A36FDD9A480E7DD39CBE1E5C4E98122
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html
Frame ID: 200572A43F209D9A9F4B71920215575D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3250132014601135&output=html&adk=1812271804&adf=3025194257&lmt=1711783477&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x875_l%7C260x875_r&format=0x0&url=https%3A%2F%2Fkiemtienonline.vansuapp.com%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711792355968&bpp=6&bdt=739&idt=686&shv=r20240327&mjsv=m202403250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4216712057271&frm=20&pv=2&ga_vid=1602348201.1711792357&ga_sid=1711792357&ga_hid=1612754975&ga_fc=0&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082032%2C95326315%2C95322195%2C31081873%2C95328826&oid=2&pvsid=4319611144052971&tmod=414661565&uas=0&nvt=1&fsapi=1&fc=1920&brdim=470%2C470%2C470%2C470%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=896
Frame ID: 018F74311109C5EA27B8F5C63FF231BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html
Frame ID: EF6BF4A05E1F3EB2F598E75BFC380C57
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html
Frame ID: 82AD4C306B1D723B98F1833D8583B7F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html
Frame ID: 8597ADA144478BEB1A3EA0E68FB36D40
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 73BBE1939F9543EA83A264807302DA98
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E71FCE513C8C2C08B42718D65174BAF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kiến tiền từ youtube, tiktok, online

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

98 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

15
IPs

3
Countries

1446 kB
Transfer

2859 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kiemtienonline.vansuapp.com/ 		433 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c09::79 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01771f2e8762f1d687fe1b44dedbd8e9aae207b4e984e4dbdda86b0309134c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
58639
content-type
text/html; charset=UTF-8
date
Sat, 30 Mar 2024 09:52:35 GMT
etag
W/"79a95ed37afbd64bad90fbed8a6f92285cb1e0665a25cfb88f6c5b61e9cb0ef1"
expires
Sat, 30 Mar 2024 09:52:35 GMT
last-modified
Sat, 30 Mar 2024 07:24:37 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fontawesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 		57 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/fontawesome.min.css
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
642095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10255
last-modified
Sat, 06 Jan 2024 21:52:55 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6599bda7-280f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jPbwElg8KWyB3A5QnVtHYHrrTaACUvTcQYTdK5I4qhzR2HexB6J8u2Nn0bcWqrMn8DWKNrREj8S6NBj5uNDBrGJIBn8QaS9L1jggt6UUuF0%2Bb0nOatODWgJpXy7BrlAtfn7bgp4Y"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86c7352e5b72746a-MIA
expires
Thu, 20 Mar 2025 09:52:35 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0be1e01cac86fb231cc08a69d7a02f9bd8404b90a2037482a8a1e50b18a92b35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
Origin
https://kiemtienonline.vansuapp.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 30 Mar 2024 09:52:35 GMT
content-md5
Lj8X2SE82fmq3YIG+jJxnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1684
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=12, mss=1294, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
EW9MjuQ96HB6+AvIa/TGRAxD9+tdBhGpRmFjyly3C5jxGaZ9jUvfhFQL0PooGdTdaoI1rzPs6ITkJBNrtTidQQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
cb993a061d5ac49c69ae849aa7f66d49
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"86f73dd71aa385f68d494c1a8ccdff27"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 30 Mar 2024 10:08:40 GMT
AVvXsEgHpTy98XZZ4p0UQkvD8fyHHTFZsr6TQ36kMFJ6Wld3LY7ADMd9gDeHUpnFbfYt8GcTIXR32SkyBNxgKmjrr0C28dsAGwLN1PHLZczFYrFd7U0vRc9_2ywA-NlA3VZhymKa3xY1O3rLbyui3nE6Va6PxWEz-4B0exxcnfKfVd7ZQf3Xyj9AxJidTvbu=s150
blogger.googleusercontent.com/img/a/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgHpTy98XZZ4p0UQkvD8fyHHTFZsr6TQ36kMFJ6Wld3LY7ADMd9gDeHUpnFbfYt8GcTIXR32SkyBNxgKmjrr0C28dsAGwLN1PHLZczFYrFd7U0vRc9_2ywA-NlA3VZhymKa3xY1O3rLbyui3nE6Va6PxWEz-4B0exxcnfKfVd7ZQf3Xyj9AxJidTvbu=s150
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c05::84 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8554b6bed91e1e3c9b7cf7c2a60d9fe9abf4233377f9c390e5cfffbe340da87a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:35 GMT
x-content-type-options
nosniff
server
fife
etag
"v8e6"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="chunguyenchuong.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29403
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3250132014601135
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.124.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ys-in-f154.1e100.net
Software
cafe /
Resource Hash
0b913288609c1ace8e1c3e995caa07176c318d01194aa77299aa28d278688a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
Origin
https://kiemtienonline.vansuapp.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50925
x-xss-protection
0
server
cafe
etag
17248762273871943057
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 30 Mar 2024 09:52:35 GMT
kiem-tien-youtube.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinX6z7Y8qGwtZZg3CqBsDqStA8BAdv-IsT3tdo2y9Lc9x4UV81JlMHvyn9rusp4GCeFdPxYj6poYWQ5fOa-reHlhOn8j8Xq1vE4sjwghRMIyg9SYZMzznrHDI1OJ5wc5ov4FZXKbsbHLeBPerV... 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinX6z7Y8qGwtZZg3CqBsDqStA8BAdv-IsT3tdo2y9Lc9x4UV81JlMHvyn9rusp4GCeFdPxYj6poYWQ5fOa-reHlhOn8j8Xq1vE4sjwghRMIyg9SYZMzznrHDI1OJ5wc5ov4FZXKbsbHLeBPerVksbNe5vnpC6jew4di6LSxid8p8dk7nI365mix1mHwh0/s860/kiem-tien-youtube.jpg
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c05::84 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
09b83943ca574d3a5a1d03e2ee4b1dba592a35d28d8907accbf5f528bbba7115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:36 GMT
x-content-type-options
nosniff
server
fife
etag
"va12"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="kiem-tien-youtube.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82828
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:36 GMT
BannerFBGroup.png
dvms.com.vn/images/ 		308 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dvms.com.vn/images/BannerFBGroup.png
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
112.213.89.115 , Viet Nam, ASN45544 (SUPERDATA-AS-VN SUPERDATA-, VN),
Reverse DNS
babyshark.maychu.cloud
Software
Apache/2 /
Resource Hash
ae04e2d722f416d5f5d9441c1ae3e9e00f04fd1a6c377ea72d32167aac308f41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:27:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Oct 2013 14:34:08 GMT
server
Apache/2
etag
"4d12b-4e904d3b77800"
content-type
image/png
accept-ranges
bytes
content-length
315691
AVvXsEhHkU5fOaSMPRSoDXeQN_DXeyMumUMmbL6mzUCMfLMvq6zwTolIkyHI2z2J3c4JlUyQftfYtvEfHt1zZH_CxTd1xBSj7MrBy068gNvvYDta5aLAUk_BugGF-DT6y4mAfQ8W646BPr_44LID5YYC81PvrYJdicspDTu0Y3mwveAf3j470qTFbcwJ8qKwlA=s150
blogger.googleusercontent.com/img/a/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhHkU5fOaSMPRSoDXeQN_DXeyMumUMmbL6mzUCMfLMvq6zwTolIkyHI2z2J3c4JlUyQftfYtvEfHt1zZH_CxTd1xBSj7MrBy068gNvvYDta5aLAUk_BugGF-DT6y4mAfQ8W646BPr_44LID5YYC81PvrYJdicspDTu0Y3mwveAf3j470qTFbcwJ8qKwlA=s150
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c05::84 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6a94d017dd2e6d260f4b9096c1a47a22157b588ac678682acf3114af0cdf1663
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:35 GMT
x-content-type-options
nosniff
server
fife
etag
"v8cb"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="mau-dk-2.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4665
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:35 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
743955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pjECtAaNj334YzpumcdGOyysQ%2F8EyQmH7jvUDWnOm84MtrcDmNPYOBwWwkTFUB2nPp%2B6c7%2FkG%2FVCttpKkgXNBxhEET0briupeB%2B9R2owSOS%2Boa%2Bp1MAjmIVOJVci0KVDpzbtz498"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86c7352ebbbb746a-MIA
expires
Thu, 20 Mar 2025 09:52:35 GMT
1380559502-widgets.js
www.blogger.com/static/v1/widgets/ 		142 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1380559502-widgets.js
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0c::bf Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0016acef19c1c4fed5f13ac338c5f3b2738b6873bceb66bc824c821623fa7bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51645
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 01:53:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 27 Mar 2025 02:34:30 GMT
bg.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRZsE8GfXlY7FiDwiDRJEHOf8fxFBXnzMsC00kcEJzxUoVUfw1VF2tMe0UaI9RQLxHjlbD80ATJNar7mwXesZ88GswzcVj-GhcQd_tWwcwqYAFiPUza1aKbrfaLbYqM0NhisqfTB40qM0xv8U6... 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRZsE8GfXlY7FiDwiDRJEHOf8fxFBXnzMsC00kcEJzxUoVUfw1VF2tMe0UaI9RQLxHjlbD80ATJNar7mwXesZ88GswzcVj-GhcQd_tWwcwqYAFiPUza1aKbrfaLbYqM0NhisqfTB40qM0xv8U6U_zRQ9hBPAqayYoWwf0qxCJfMac7fAcdJm6z7Ac8Zw/s1600/bg.png
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c05::84 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
00b18f45477956d410a76a35d03dc0a43159d2a2dcb9b6cab5f4075a3a0aeb58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:35 GMT
x-content-type-options
nosniff
server
fife
etag
"v30f6"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bg.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8749
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:35 GMT
LDItaoyNOAY6Uewc665JcIzCKsKc_M9flwmP.woff2
fonts.gstatic.com/s/materialiconsround/v65/ 		143 KB
143 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialiconsround/v65/LDItaoyNOAY6Uewc665JcIzCKsKc_M9flwmP.woff2
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c08::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f517e0a99c99691719d80e7f803c0385a2eebd0fa9069642cbdc7cd4f98667e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
Origin
https://kiemtienonline.vansuapp.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 14:34:25 GMT
x-content-type-options
nosniff
age
155890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146348
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 22:48:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Mar 2025 14:34:25 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c08::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
Origin
https://kiemtienonline.vansuapp.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:44:58 GMT
x-content-type-options
nosniff
age
137257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37056
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:48:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Mar 2025 19:44:58 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-brands-400.woff2
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
Origin
https://kiemtienonline.vansuapp.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:35 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
860763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76764
last-modified
Sat, 06 Jan 2024 21:53:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6599bdbd-12bdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9cYmDXMdxOQO25FoUqRYaL0kJBghGupd3yhGoMwCwgZNCG2nCBcNTtwqYL4u%2FjU8VXPbFlac0yJDKLj5sOAy8wlgq5i4c3uZSCcDzNuRV46vudaZLUMjhN1MgYQy1WjPYyPTiEu"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86c7352f1fb86db0-MIA
expires
Thu, 20 Mar 2025 09:52:35 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v3/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c08::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d72155967d9a17d9aeaa7644f85f362257372842df094ae7ae9aad643a2ea33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
Origin
https://kiemtienonline.vansuapp.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 07:34:28 GMT
x-content-type-options
nosniff
age
8287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57908
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:31:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 07:34:28 GMT
sdk.js
connect.facebook.net/en_US/ 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=343b611f02f940fbfa8f7af81dca01ec
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0af40460e5768d789a9eb6ce75b98e37a79baf74a565de97217103819ab3e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
Origin
https://kiemtienonline.vansuapp.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 30 Mar 2024 09:52:35 GMT
content-md5
bVZegfqIKCQZgjY7+nuW2Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88691
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=21, mss=1294, tbw=6404, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
vPYTXt9mC05hG65jGPRZyX4cisnNzbUmWl5kA9kV/ok6261jpQumfeeMr52ZWTZIMYa/YdOwKnu3WhAYLDxEbQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
eca4186ceb623294c1ec262e8812dfa0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"05df80c584be9f29f9cc0617f13ed4c0"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sun, 30 Mar 2025 08:53:51 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3250132014601135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.124.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ys-in-f154.1e100.net
Software
cafe /
Resource Hash
ee79f803225857cec811281c24d35460e3917363c3a9f3ccf6a4f5857b509afa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141417
x-xss-protection
0
server
cafe
etag
15584447750450052148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 09:52:36 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
fonts.gstatic.com/s/inter/v3/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c08::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
913342cd5c6fa7132e6dfdc64dfe79a6a63e737c0b0e3336fb7e518b701e9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
Origin
https://kiemtienonline.vansuapp.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:36 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8892
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:58:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 09:52:36 GMT
/
kiemtienonline.vansuapp.com/ 		2 KB
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kiemtienonline.vansuapp.com/?action=getFeed&widgetId=Feed5&widgetType=Feed&responseType=js&xssi_token=AOuZoY7fx_nQ88bBPPt6FD59L4P1R0_9IQ%3A1711792355041
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1380559502-widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c09::79 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
22695682798e6289027887e9244601986b63055b4b3f253109259624f3310323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 30 Mar 2024 07:24:37 GMT
server
GSE
etag
"22020044-efd2-4f57-b663-0319f0974e99"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
content-length
872
x-xss-protection
1; mode=block
expires
Sat, 30 Mar 2024 09:52:36 GMT
/
kiemtienonline.vansuapp.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kiemtienonline.vansuapp.com/?action=getFeed&widgetId=Feed4&widgetType=Feed&responseType=js&xssi_token=AOuZoY7fx_nQ88bBPPt6FD59L4P1R0_9IQ%3A1711792355041
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1380559502-widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c09::79 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
67f484f653dd2a2353d885893b06be4744779866786a0daea2e3aa6fefd87fc8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
upgrade-insecure-requests
date
Sat, 30 Mar 2024 09:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 30 Mar 2024 07:24:37 GMT
server
GSE
etag
"22020044-efd2-4f57-b663-0319f0974e99"
content-security-policy-report-only
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
report-to
{"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
content-length
819
x-xss-protection
1; mode=block
expires
Sat, 30 Mar 2024 09:52:36 GMT
AEn0k_sc1KHpD0LDrGoVcEIrZo82F_BBf3TExB1sacNjpRcbhDLPlZ9H8RRbNOVg3CzVWnKCMTIJZTcngTuLZIpevIUdREtSGvOqanzplnxMRUVcRKDmG5dUx9z-pl1o85fUkqN7i38RssNao7ZQ9oE=w268-h143-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sc1KHpD0LDrGoVcEIrZo82F_BBf3TExB1sacNjpRcbhDLPlZ9H8RRbNOVg3CzVWnKCMTIJZTcngTuLZIpevIUdREtSGvOqanzplnxMRUVcRKDmG5dUx9z-pl1o85fUkqN7i38RssNao7ZQ9oE=w268-h143-p-k-no-nu
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f1.1e100.net
Software
fife /
Resource Hash
150b236aa86085553b0844cbbeb246da5db99e6ee70caf0fc945b7f0db83a476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:38 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5854
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:38 GMT
AEn0k_vvSs1LQoDab5rtcrLLlzq5k-nosYp8rAPRsneF3pVKTBuIvR_kk0i_cEMgseUIYZXrChBxLT2lVpEQqPa1Rz9VVY6M7HRVtOw_H8s87e7Vj8NIG0HrWiwLJ_OayQIayIukA97o9A=w268-h143-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vvSs1LQoDab5rtcrLLlzq5k-nosYp8rAPRsneF3pVKTBuIvR_kk0i_cEMgseUIYZXrChBxLT2lVpEQqPa1Rz9VVY6M7HRVtOw_H8s87e7Vj8NIG0HrWiwLJ_OayQIayIukA97o9A=w268-h143-p-k-no-nu
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f1.1e100.net
Software
fife /
Resource Hash
c1e14fe1f6f107bcd3f4a02a00f469647f17c11615d91d3dca39453dcdd7ba67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:39 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16888
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:39 GMT
AVvXsEhS194p4YN0xETF_UOAkfmSdB5rw2YwsHAhUeJXHYo1HZF_2WiN_O9G-8aRZH_0vL_upstqlHRMXaEdLfo9LWDotldTrjqCBWknQiUxJ7UC1IeWREXFpeYqMEgwy7MzSXfuFeLi-2im5SOE3JYny8y_C00Y1oaJ-a_VgoPZbOAaQYI7qIMa34XAoisBRQ=w2...
blogger.googleusercontent.com/img/a/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhS194p4YN0xETF_UOAkfmSdB5rw2YwsHAhUeJXHYo1HZF_2WiN_O9G-8aRZH_0vL_upstqlHRMXaEdLfo9LWDotldTrjqCBWknQiUxJ7UC1IeWREXFpeYqMEgwy7MzSXfuFeLi-2im5SOE3JYny8y_C00Y1oaJ-a_VgoPZbOAaQYI7qIMa34XAoisBRQ=w268-h143-p-k-no-nu
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c05::84 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8f7e88bb182d6fc212601a482f116d85ca5320f5cf3e8072a3dbb3cf459fa05b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:36 GMT
x-content-type-options
nosniff
server
fife
etag
"v8cf"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="labatvi.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21314
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:36 GMT
AEn0k_sc1KHpD0LDrGoVcEIrZo82F_BBf3TExB1sacNjpRcbhDLPlZ9H8RRbNOVg3CzVWnKCMTIJZTcngTuLZIpevIUdREtSGvOqanzplnxMRUVcRKDmG5dUx9z-pl1o85fUkqN7i38RssNao7ZQ9oE=w1177-h198-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sc1KHpD0LDrGoVcEIrZo82F_BBf3TExB1sacNjpRcbhDLPlZ9H8RRbNOVg3CzVWnKCMTIJZTcngTuLZIpevIUdREtSGvOqanzplnxMRUVcRKDmG5dUx9z-pl1o85fUkqN7i38RssNao7ZQ9oE=w1177-h198-p-k-no-nu
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f1.1e100.net
Software
fife /
Resource Hash
25f7d2d6cf0a0a742823beb0eebe169f09f1844356714f2370a97fb3c8c086ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:37 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13579
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:37 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/ Frame 2005 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.185.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yb-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiemtienonline.vansuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
25245
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Mar 2024 02:51:52 GMT
etag
5035419970550746386
expires
Sat, 13 Apr 2024 02:51:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 018F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3250132014601135&output=html&adk=1812271804&adf=3025194257&lmt=1711783477&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x875_l%7C260x875_r&format=0x0&url=https%3A%2F%2Fkiemtienonline.vansuapp.com%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711792355968&bpp=6&bdt=739&idt=686&shv=r20240327&mjsv=m202403250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4216712057271&frm=20&pv=2&ga_vid=1602348201.1711792357&ga_sid=1711792357&ga_hid=1612754975&ga_fc=0&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082032%2C95326315%2C95322195%2C31081873%2C95328826&oid=2&pvsid=4319611144052971&tmod=414661565&uas=0&nvt=1&fsapi=1&fc=1920&brdim=470%2C470%2C470%2C470%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=896
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.185.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yb-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiemtienonline.vansuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
33631
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Mar 2024 09:52:37 GMT
expires
Sat, 30 Mar 2024 09:52:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AVvXsEhS194p4YN0xETF_UOAkfmSdB5rw2YwsHAhUeJXHYo1HZF_2WiN_O9G-8aRZH_0vL_upstqlHRMXaEdLfo9LWDotldTrjqCBWknQiUxJ7UC1IeWREXFpeYqMEgwy7MzSXfuFeLi-2im5SOE3JYny8y_C00Y1oaJ-a_VgoPZbOAaQYI7qIMa34XAoisBRQ=w2...
blogger.googleusercontent.com/img/a/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhS194p4YN0xETF_UOAkfmSdB5rw2YwsHAhUeJXHYo1HZF_2WiN_O9G-8aRZH_0vL_upstqlHRMXaEdLfo9LWDotldTrjqCBWknQiUxJ7UC1IeWREXFpeYqMEgwy7MzSXfuFeLi-2im5SOE3JYny8y_C00Y1oaJ-a_VgoPZbOAaQYI7qIMa34XAoisBRQ=w268-h143-p-k-no-nu
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f1.1e100.net
Software
fife /
Resource Hash
8f7e88bb182d6fc212601a482f116d85ca5320f5cf3e8072a3dbb3cf459fa05b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:37 GMT
x-content-type-options
nosniff
server
fife
etag
"v8cf"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="labatvi.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21314
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:37 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/ 		167 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.124.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ys-in-f154.1e100.net
Software
cafe /
Resource Hash
f0ee2d5b29f90ca5b2baa9c7aaac48b693b9b49bafd02b6a7a5cf521bcbde7b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57636
x-xss-protection
0
server
cafe
etag
5569310897847756942
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 09:52:37 GMT
ca-pub-3250132014601135
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3250132014601135?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0c::64 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de0b6d2dce0411358b69e18d2ca8e47e98ae9c77a3d0f3eca280a86741e0e0fd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-a-N7D908ev-8CtDpL8vn3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-a-N7D908ev-8CtDpL8vn3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQCzEw_Hs4PwNbAInrq_uYQQANxU2jg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AEn0k_sc1KHpD0LDrGoVcEIrZo82F_BBf3TExB1sacNjpRcbhDLPlZ9H8RRbNOVg3CzVWnKCMTIJZTcngTuLZIpevIUdREtSGvOqanzplnxMRUVcRKDmG5dUx9z-pl1o85fUkqN7i38RssNao7ZQ9oE=w1177-h198-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sc1KHpD0LDrGoVcEIrZo82F_BBf3TExB1sacNjpRcbhDLPlZ9H8RRbNOVg3CzVWnKCMTIJZTcngTuLZIpevIUdREtSGvOqanzplnxMRUVcRKDmG5dUx9z-pl1o85fUkqN7i38RssNao7ZQ9oE=w1177-h198-p-k-no-nu
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f1.1e100.net
Software
fife /
Resource Hash
25f7d2d6cf0a0a742823beb0eebe169f09f1844356714f2370a97fb3c8c086ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:37 GMT
x-content-type-options
nosniff
server
fife
age
1
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13579
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:37 GMT
AEn0k_sc1KHpD0LDrGoVcEIrZo82F_BBf3TExB1sacNjpRcbhDLPlZ9H8RRbNOVg3CzVWnKCMTIJZTcngTuLZIpevIUdREtSGvOqanzplnxMRUVcRKDmG5dUx9z-pl1o85fUkqN7i38RssNao7ZQ9oE=w268-h143-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sc1KHpD0LDrGoVcEIrZo82F_BBf3TExB1sacNjpRcbhDLPlZ9H8RRbNOVg3CzVWnKCMTIJZTcngTuLZIpevIUdREtSGvOqanzplnxMRUVcRKDmG5dUx9z-pl1o85fUkqN7i38RssNao7ZQ9oE=w268-h143-p-k-no-nu
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f1.1e100.net
Software
fife /
Resource Hash
150b236aa86085553b0844cbbeb246da5db99e6ee70caf0fc945b7f0db83a476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:38 GMT
x-content-type-options
nosniff
server
fife
age
0
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5854
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:38 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/ Frame EF6B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.185.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yb-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiemtienonline.vansuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
25247
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Mar 2024 02:51:52 GMT
etag
5035419970550746386
expires
Sat, 13 Apr 2024 02:51:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/ Frame 82AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.185.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yb-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiemtienonline.vansuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
25247
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Mar 2024 02:51:52 GMT
etag
5035419970550746386
expires
Sat, 13 Apr 2024 02:51:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/ Frame 8597 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.185.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yb-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiemtienonline.vansuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
25247
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Mar 2024 02:51:52 GMT
etag
5035419970550746386
expires
Sat, 13 Apr 2024 02:51:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVxsxznfcNpqAbG9QrP-uNGGNx84gZmS0_bltzCY0z4syZ-5AK6rdZDk8hkv1sb5-m_kl5m6f3PLQuFrETI_9chhZjIuOiqM-6XsnTmmPb8P3wvTxX5nsmQf6oADJFB5S843BK6UQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVxsxznfcNpqAbG9QrP-uNGGNx84gZmS0_bltzCY0z4syZ-5AK6rdZDk8hkv1sb5-m_kl5m6f3PLQuFrETI_9chhZjIuOiqM-6XsnTmmPb8P3wvTxX5nsmQf6oADJFB5S843BK6UQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNzkyMzU4LDYyNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9raWVtdGllbm9ubGluZS52YW5zdWFwcC5jb20vIixudWxsLFtbOCwiUnlubzRGRDlpVEUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0c::64 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a6e97e484395ae8d10d2931520ec439871ff8720b19fc1c08ee91090332e2da
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3HxEh5iTfzx22QmU5pCpnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-3HxEh5iTfzx22QmU5pCpnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTD8ezg_A1sAjMOvtzHBADkcTGm"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AEn0k_vvSs1LQoDab5rtcrLLlzq5k-nosYp8rAPRsneF3pVKTBuIvR_kk0i_cEMgseUIYZXrChBxLT2lVpEQqPa1Rz9VVY6M7HRVtOw_H8s87e7Vj8NIG0HrWiwLJ_OayQIayIukA97o9A=w268-h143-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vvSs1LQoDab5rtcrLLlzq5k-nosYp8rAPRsneF3pVKTBuIvR_kk0i_cEMgseUIYZXrChBxLT2lVpEQqPa1Rz9VVY6M7HRVtOw_H8s87e7Vj8NIG0HrWiwLJ_OayQIayIukA97o9A=w268-h143-p-k-no-nu
Requested by
Host: kiemtienonline.vansuapp.com
URL: https://kiemtienonline.vansuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f1.1e100.net
Software
fife /
Resource Hash
c1e14fe1f6f107bcd3f4a02a00f469647f17c11615d91d3dca39453dcdd7ba67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:39 GMT
x-content-type-options
nosniff
server
fife
age
0
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16888
x-xss-protection
0
expires
Sun, 31 Mar 2024 09:52:39 GMT
show
fundingchoicesmessages.google.com/f/AGSKWxUav3XpGX79UJVx-8xa0cr1NJbgzjXzW2fg7ExZOBrAKfNKtPyv2peqVYpy5dMivIL0igTGCFNLjFlf27OAHmD_h3pJQ2u2z-TsHqs4DjEpr5lAr9FmCU8a2UZ4no9z6VuSyJzG6Z0Czrk1qmpJIzQjDsXW-... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUav3XpGX79UJVx-8xa0cr1NJbgzjXzW2fg7ExZOBrAKfNKtPyv2peqVYpy5dMivIL0igTGCFNLjFlf27OAHmD_h3pJQ2u2z-TsHqs4DjEpr5lAr9FmCU8a2UZ4no9z6VuSyJzG6Z0Czrk1qmpJIzQjDsXW-McxduOz2LWX6YWxpmMKqNV8wLjcYFm0/_/OAS/show?/placeholder-ad-/smallad-/ad-minister-/n4403ad.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy7cSXtGgaSzwhyAa1SgDG3tjt8eQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.138.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yi-in-f101.1e100.net
Software
ESF /
Resource Hash
8c007a0f31f8772c568f097bfc6dc32e68eeb7f87e952fe345418d73eb02ec97
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wcAmeibrEEuUXAvuMMLjTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-wcAmeibrEEuUXAvuMMLjTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEAvxcDw_OH8Dm8CPewtfMwEAl6Q2hg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy7cSXtGgaSzwhyAa1SgDG3tjt8eQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.124.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ys-in-f154.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
64469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Apr 2024 15:58:10 GMT
AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.138.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-u4hDb1_QhOjbWc-br_c5pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 30 Mar 2024 09:52:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-u4hDb1_QhOjbWc-br_c5pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BiqGV4xtQKxE7pM1hDgFiIh-P5wfkb2AR-fJx9ixkAycoM_Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://kiemtienonline.vansuapp.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.138.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5y9cB8sg9wMk9ZYkq8VUxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 30 Mar 2024 09:52:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5y9cB8sg9wMk9ZYkq8VUxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBiqGV4xtQKxE7pM1iDgFiIm-PFwfkb2AQWPNguBwC7Nwv0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://kiemtienonline.vansuapp.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.138.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QGjBwFYwit9TgN2MznIAEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 30 Mar 2024 09:52:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QGjBwFYwit9TgN2MznIAEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1iDgFiIm-PFwfkb2ARu_JsiDQC8zQwp"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://kiemtienonline.vansuapp.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.138.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2Tmp0Nm4Zu-vpY9j2Mo3hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 30 Mar 2024 09:52:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-2Tmp0Nm4Zu-vpY9j2Mo3hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIm-PFwfkb2ARmfPsvDQC8jAxN"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://kiemtienonline.vansuapp.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUJzR9K2EcWoZ6nvVcs8TQVkNycGM3jttP5nsODmfkb5GKfHBH3UEREUpfOJmWe7-7QZNLSJYNtW07iUdMwXSBGOp1CZVn5lrzv1dqq5Vq-_oT2o8z3hkcLBE3noOtMKQWpio3aKg==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUJzR9K2EcWoZ6nvVcs8TQVkNycGM3jttP5nsODmfkb5GKfHBH3UEREUpfOJmWe7-7QZNLSJYNtW07iUdMwXSBGOp1CZVn5lrzv1dqq5Vq-_oT2o8z3hkcLBE3noOtMKQWpio3aKg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNzkyMzU5LDk4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8va2llbXRpZW5vbmxpbmUudmFuc3VhcHAuY29tLyIsbnVsbCxbWzgsIlJ5bm80RkQ5aVRFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.138.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yi-in-f101.1e100.net
Software
ESF /
Resource Hash
e2036d724edfe167a5bc2457122c1ac9daaeac0c4a9e0819d2998bdf03cc78d4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ZUMView98-StHvLw8vQYUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ZUMView98-StHvLw8vQYUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQCzEzfHi4PwNbAIn7s9UAgD8QjYS"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.138.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ysif5T6__ypvzmXbp6EdxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 30 Mar 2024 09:52:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-ysif5T6__ypvzmXbp6EdxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1iDgFiIm-PFwfkb2ARmfLmSDwC85gx2"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://kiemtienonline.vansuapp.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX8Tb2l_0PIMlLgJufaR210hatA3Rjb4Wlqydds2G2Uc3OoaZKVPkWDx6HnXN6n0Bqo_hYMVK2OwROsYbhnh7oAHkPrmrqBg-P5KmMpCdYmvVtHBnOvotnG6fYJPDjU2P2v3mQk7g==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX8Tb2l_0PIMlLgJufaR210hatA3Rjb4Wlqydds2G2Uc3OoaZKVPkWDx6HnXN6n0Bqo_hYMVK2OwROsYbhnh7oAHkPrmrqBg-P5KmMpCdYmvVtHBnOvotnG6fYJPDjU2P2v3mQk7g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNzkyMzYwLDIxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8va2llbXRpZW5vbmxpbmUudmFuc3VhcHAuY29tLyIsbnVsbCxbWzgsIlJ5bm80RkQ5aVRFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.138.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yi-in-f101.1e100.net
Software
ESF /
Resource Hash
3b6ea413931907e4d86fc1721bdc82acf25f03e50460ec4eb15c10e46d29962d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MD9i7Xlsezw4USLVRQjcoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MD9i7Xlsezw4USLVRQjcoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTN8eLg_A1sAhvWHqoBAK9QMTk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV6HfwW22J_kFZUf7VHT2AOPu1XkQRnx56zOxFtzp8c6gWW99juWQaDTe987vw3j1mw2jvFbAbfGjJG439ioTdTshEy-KrSJuWvqU3vXGSGLlNqKmIiXFVv-P4z8gMANDlQejKT4g==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV6HfwW22J_kFZUf7VHT2AOPu1XkQRnx56zOxFtzp8c6gWW99juWQaDTe987vw3j1mw2jvFbAbfGjJG439ioTdTshEy-KrSJuWvqU3vXGSGLlNqKmIiXFVv-P4z8gMANDlQejKT4g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNzkyMzYwLDYyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9raWVtdGllbm9ubGluZS52YW5zdWFwcC5jb20vIixudWxsLFtbOCwiUnlubzRGRDlpVEUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.138.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yi-in-f101.1e100.net
Software
ESF /
Resource Hash
92a3fa615fde242889e5dfa55df154eb78e57601ec88624da25e87b47b04867b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bnUE_ipLRE4UlDQgzBIpOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-bnUE_ipLRE4UlDQgzBIpOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw15BiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQCzEw_Hi4PwNbAIzdrUdYQIAMQU2TQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUqdAAqN2jVt9rHMY7DxjWsmXRLfJVTMKxxfd4RPZY7De-Nr-asUxlL8bZuw74xnQO9v-gOvW3vbtNfa-ThYv8tmDfyzyRtnHpevsT2wM-IT6oObF22Ew1c_1pfIDtWveoAd5_BgA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUqdAAqN2jVt9rHMY7DxjWsmXRLfJVTMKxxfd4RPZY7De-Nr-asUxlL8bZuw74xnQO9v-gOvW3vbtNfa-ThYv8tmDfyzyRtnHpevsT2wM-IT6oObF22Ew1c_1pfIDtWveoAd5_BgA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.138.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-31geWM8Eh_eDUalxAn2F6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 30 Mar 2024 09:52:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-31geWM8Eh_eDUalxAn2F6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1hDgFiIh-PFwfkb2AQebFq9lBkAx30MfQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://kiemtienonline.vansuapp.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXF_Egd9h-n8K6CoeESSt5GroEc2WmTKqXLKyUnVP9a-iG0o9bq9ZMMY2Jkwd0AcXRbe12s-kNBmZd_xELOZmqKUPdJSak92WL-53Sh-iOU3ut1QyBUCqGankqGN7ffBTvx6jsV8Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.138.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sPd43u_gzTWPORaDPjJZ2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 30 Mar 2024 09:52:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-sPd43u_gzTWPORaDPjJZ2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBiqGV4xtQKxE7pM1hDgFiIh-PFwfkb2AQetDxZygwAyIAMkA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://kiemtienonline.vansuapp.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240327&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.124.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ys-in-f154.1e100.net
Software
cafe /
Resource Hash
fb364577d308f21e0653ffc47892aed85655933b0cb677248c32d4423251912d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12323
x-xss-protection
0
favicon.ico
kiemtienonline.vansuapp.com/ 		9 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://kiemtienonline.vansuapp.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c09::79 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f2be8199f2f9eb5217ad7c5c1c8b107a1913f457b0360cba22205aeab14afd2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 30 Mar 2024 07:24:37 GMT
server
GSE
etag
W/"79a95ed37afbd64bad90fbed8a6f92285cb1e0665a25cfb88f6c5b61e9cb0ef1"
content-type
image/x-icon; charset=UTF-8
cache-control
private, max-age=86400
content-length
2551
x-xss-protection
1; mode=block
expires
Sat, 30 Mar 2024 09:52:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0c::84 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://kiemtienonline.vansuapp.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 09:52:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 73BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0c::84 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiemtienonline.vansuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
302122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Mar 2024 21:57:20 GMT
expires
Wed, 26 Mar 2025 21:57:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E71F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yb-in-f99.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vm68XgA1Q9XpOm8hToUkOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kiemtienonline.vansuapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Vm68XgA1Q9XpOm8hToUkOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Mar 2024 09:52:42 GMT
expires
Sat, 30 Mar 2024 09:52:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240327&jk=4319611144052971&bg=!3d6l3pHNAAYQOWS2MDk7ADQBe5WfOBnYvgDJOvG50R9RCOVo4L1fnbN3LIsLD7mEU9EqG9eNjbRU-Sq9eoavgL-mbv_WAgAAAQ5SAAAAA2gBB34ANf07bfU_IDsRaIUecCDQ8vm_b9WKQSRGur5kir31IJ00iNeCmWcFRQsqfKl2DFBEBChLD5SQCgAIw6OUFBvkK6yZAqx9Y8np0Buw9xehetg8FU_g_0wb3yJ16EBzj1NyFF-IoWjZBw-araA-dGRyuPckpqhFG1Qcq6Ljxb9bkL3hrvQ3QfW0HKKEM_Yyb38g02jMyHKKM6V6AsVsApmoFsikB94rSD4uAm_1jtPd3LZdaEZX1-8ttInDMoMreaweeezp5rVUEj9NfJmVicodPynH9yZ3xDXwiArNBAOpDauDLIPrld-VWq_9zctXv8kExZhunHPoaSqr5__v_yYJvr-pr--dm_vN151dx_hmzgyeB2rb-5-Feb-xr-x_pix8K-tVJtD-w0nvX9BVJiWytsYwD33t9TqTacVMc51veToaNZCf_1avQi4wH7lMTGo_DzjY57mvu0YjlvAejWR-l2jMMDWbsqFbQpIp6RhjDFjDwhAgHwZE93Uuj6-BwoFsFXoTspYF9VgTZJ3KN3zo0fLYdYQ6tzzoOnxoleFhtPYma9kMfvTjZ4MuKGkpiaIStsBV92WVUsi3AeCT5c3ThFkV171ZdJCk1FLryLqYB459bD44AJA9N85dyksn2Xqa_VPHFHfjuAHi0GRiB06w8JJazH-zBXpEvGSkNVjCaqU5Rd4oWsIw6rERM-Y3n2OoO7VGyILlPenbO53M8nKHu-swpV61k3i4aOOufjPhAjCJFOz_58A1z_Ume3e0uA2TiwaHHbh4sU-J8yABcBIqWTIiazSAlqRs6BlK3imK9fJSToMbyFOQwedl-0iG1JAJmVcENzKbc02C5uY_S6X4DkHGJi-HiDmOZeHqpljJY5h-YR4QkgkbWq8adEkF82Kn7pPR3EI89g-YcSD-CqHqvcN2oA014TeCYiijIhBPSjhxiMZPV547PMR-QEClWCtCh5ewE-rUqJQ1FbwyJ33r4NFmKbZPKF4Be4QmrHRt1ns

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onpagereveal string| noThumbnail object| templateifyMessages object| FB object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| $ function| jQuery string| google_user_agent_client_hint object| _0xea41 function| _0xbed243 function| _0x52b368 function| _0x40f397 function| _0x39452b function| _0x2d5d69 function| _0x2210d1 function| _0x87bb34 function| _0x39612c function| _0x5ad0cb function| _0x213d0d function| _0x1a279d function| _0x381df2 function| _0x1cab5d function| _0x3d334f function| _0xc4018b function| _0x3ec19c function| _0x5780ee function| _0xe92e8b function| _0x1cabd2 function| _0x30ef9a function| _0x5f2495 function| _0x27c0b3 function| _0x249302 function| _0x203d59 function| _0x2b191d function| _0x392df0 function| _0xa62a function| _0x2455 boolean| fixedMenu string| viewAllText function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ boolean| fixedSidebar object| __buffer function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZGQ2MGQ2NWIyMGVjNGI0N2xvYWRlcl9qcw== string| ZGQ2MGQ2NWIyMGVjNGI0N2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady boolean| google_empty_script_included boolean| d53ffe96-8458-44c0-af73-dee3b2428a95 object| googletag object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.vansuapp.com/ Name: __gads
Value: ID=b2749869c35a3cba:T=1711792357:RT=1711792357:S=ALNI_Ma5i_GmNgIkI9dWDtuYFVfaE27c9A
.vansuapp.com/ Name: __gpi
Value: UID=00000dd7094f5e55:T=1711792357:RT=1711792357:S=ALNI_MZ4UTGxje7K890HmqsL8m_cDZys3g
.vansuapp.com/ Name: __eoi
Value: ID=2313bd03941b3114:T=1711792357:RT=1711792357:S=AA-AfjaHEKc8nCvlrQHiJYrF2XQP
.media.net/ Name: visitor-id
Value: 3547939601524198000V10
.vansuapp.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9bQaIpUaREg2QRdNle_--iFmXh19HVG1Eg8HmI5KNVI1Dg7V9QvYogDvUHK3yVvZHzreLwxU58tlBFtU2xHZoX50sHPxf3CSNCFzUzPfoFoEg8EXtt_0XaFQnYpB7vKA8n7mmh_bcjXOhBXt7wYpdq7dMncQ%3D%3D%22%5D%5D
.doubleclick.net/ Name: IDE
Value: AHWqTUnxY83U2BocbJ9HVvdw53vLz_dMZuQDrmhx8Z8DTLBCXDggNoN3L2FMGbemcjs
.media.net/ Name: data-g
Value: CAESENTspppMuPsHSA-CpFCBr7E~~6

14 Console Messages

Source Level URL
Text
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kiemtienonline.vansuapp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
cdnjs.cloudflare.com
connect.facebook.net
dvms.com.vn
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
kiemtienonline.vansuapp.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.blogger.com
www.google.com
pagead2.googlesyndication.com
104.17.24.14
112.213.89.115
142.250.81.225
172.253.124.154
2607:f8b0:4002:c05::84
2607:f8b0:4002:c08::5e
2607:f8b0:4002:c09::79
2607:f8b0:4002:c0c::64
2607:f8b0:4002:c0c::84
2607:f8b0:4002:c0c::bf
2a03:2880:f012:8:face:b00c:0:1
64.233.185.156
64.233.185.99
74.125.138.101
0016acef19c1c4fed5f13ac338c5f3b2738b6873bceb66bc824c821623fa7bac
00b18f45477956d410a76a35d03dc0a43159d2a2dcb9b6cab5f4075a3a0aeb58
01771f2e8762f1d687fe1b44dedbd8e9aae207b4e984e4dbdda86b0309134c78
09b83943ca574d3a5a1d03e2ee4b1dba592a35d28d8907accbf5f528bbba7115
0b913288609c1ace8e1c3e995caa07176c318d01194aa77299aa28d278688a35
0be1e01cac86fb231cc08a69d7a02f9bd8404b90a2037482a8a1e50b18a92b35
150b236aa86085553b0844cbbeb246da5db99e6ee70caf0fc945b7f0db83a476
22695682798e6289027887e9244601986b63055b4b3f253109259624f3310323
25f7d2d6cf0a0a742823beb0eebe169f09f1844356714f2370a97fb3c8c086ea
3b6ea413931907e4d86fc1721bdc82acf25f03e50460ec4eb15c10e46d29962d
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
4a6e97e484395ae8d10d2931520ec439871ff8720b19fc1c08ee91090332e2da
4d72155967d9a17d9aeaa7644f85f362257372842df094ae7ae9aad643a2ea33
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67f484f653dd2a2353d885893b06be4744779866786a0daea2e3aa6fefd87fc8
6a94d017dd2e6d260f4b9096c1a47a22157b588ac678682acf3114af0cdf1663
7f517e0a99c99691719d80e7f803c0385a2eebd0fa9069642cbdc7cd4f98667e
8554b6bed91e1e3c9b7cf7c2a60d9fe9abf4233377f9c390e5cfffbe340da87a
8c007a0f31f8772c568f097bfc6dc32e68eeb7f87e952fe345418d73eb02ec97
8f7e88bb182d6fc212601a482f116d85ca5320f5cf3e8072a3dbb3cf459fa05b
913342cd5c6fa7132e6dfdc64dfe79a6a63e737c0b0e3336fb7e518b701e9e5f
92a3fa615fde242889e5dfa55df154eb78e57601ec88624da25e87b47b04867b
ae04e2d722f416d5f5d9441c1ae3e9e00f04fd1a6c377ea72d32167aac308f41
c1e14fe1f6f107bcd3f4a02a00f469647f17c11615d91d3dca39453dcdd7ba67
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
de0b6d2dce0411358b69e18d2ca8e47e98ae9c77a3d0f3eca280a86741e0e0fd
e0af40460e5768d789a9eb6ce75b98e37a79baf74a565de97217103819ab3e4a
e2036d724edfe167a5bc2457122c1ac9daaeac0c4a9e0819d2998bdf03cc78d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee79f803225857cec811281c24d35460e3917363c3a9f3ccf6a4f5857b509afa
f0ee2d5b29f90ca5b2baa9c7aaac48b693b9b49bafd02b6a7a5cf521bcbde7b9
f2be8199f2f9eb5217ad7c5c1c8b107a1913f457b0360cba22205aeab14afd2d
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb364577d308f21e0653ffc47892aed85655933b0cb677248c32d4423251912d