tuongtacthuoc.hscc.vn Open in urlscan Pro
112.78.2.112 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tuongtacthuoc.hscc.vn/
Submission Tags: @phishunt_io
Submission: On August 26 via api (August 26th 2023, 9:06:50 am UTC) from DE — Scanned from DE

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 12 domains to perform 63 HTTP transactions. The main IP is 112.78.2.112, located in Viet Nam and belongs to ODSJSC-AS-VN ODS Joint Stock Company, VN. The main domain is tuongtacthuoc.hscc.vn.
TLS certificate: Issued by R3 on August 26th 2023. Valid for: 3 months.

This is the only time tuongtacthuoc.hscc.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	112.78.2.112 112.78.2.112	45538 (ODSJSC-AS...) (ODSJSC-AS-VN ODS Joint Stock Company)
14	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:402... 2a00:1450:4026:808::2003	15169 (GOOGLE) (GOOGLE)
1	74.125.206.156 74.125.206.156	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:16::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
63	18

7 112.78.2.112 (Viet Nam)

ASN45538 (ODSJSC-AS-VN ODS Joint Stock Company, VN)
PTR: s2d112.cloudnetwork.vn

tuongtacthuoc.hscc.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4026:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:16::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednd7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	398 KB
12	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 bid.g.doubleclick.net — Cisco Umbrella Rank: 825	99 KB
7	hscc.vn tuongtacthuoc.hscc.vn	2 MB
4	gstatic.com csi.gstatic.com	350 B
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594	3 KB
4	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 328 gcdn.2mdn.net — Cisco Umbrella Rank: 1220 r2---sn-4g5ednd7.c.2mdn.net	2 MB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 imasdk.googleapis.com — Cisco Umbrella Rank: 510	133 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	57 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120	601 B
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	24 KB
63	12

	Domain	Requested by
16	pagead2.googlesyndication.com	tuongtacthuoc.hscc.vn pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net tuongtacthuoc.hscc.vn tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
7	tuongtacthuoc.hscc.vn	tuongtacthuoc.hscc.vn
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com tuongtacthuoc.hscc.vn
4	csi.gstatic.com	imasdk.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	r2---sn-4g5ednd7.c.2mdn.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	tuongtacthuoc.hscc.vn
2	fonts.googleapis.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.googletagservices.com	tuongtacthuoc.hscc.vn
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.ampproject.org	tuongtacthuoc.hscc.vn
63	19

This site contains no links.

Subject Issuer	Validity	Valid
tuongtacthuoc.hscc.vn R3	`2023-08-26` - `2023-11-24`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-08` - `2023-10-17`	2 months	crt.sh

This page contains 12 frames:

Primary Page: https://tuongtacthuoc.hscc.vn/
Frame ID: FFFFC74E944BCDEC0C2085B5BADB0B48
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Frame ID: 3394DC7C4CB9E795AF45F97F946605CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1509351565592842&output=html&adk=1812271804&adf=1573534164&lmt=1693033603&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftuongtacthuoc.hscc.vn%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693040802815&bpp=5&bdt=2774&idt=208&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2594421131143&frm=20&pv=2&ga_vid=1752580460.1693040804&ga_sid=1693040804&ga_hid=2032173946&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798879%2C44759876%2C44759927%2C44759842%2C31076839%2C31077260%2C42531705%2C44769662&oid=2&pvsid=3259885784879590&tmod=7003059&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=695
Frame ID: 5F571985F251371B0C71B1B099A06297
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: DDD5EE375755E25B4B8AF3BD7F707B2D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9D431034AD61155778B3D9F075581035
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChDBgvDVAhjCg4jxATAB&v=APEucNXDJpegHlJIIGewj-b4J7EdywMReYlDS4P0a-Ddn6JktSk9GeuY0c_IqBprUuOVOPlmfKnJ9ivHrZEktL7LG-7WT4VPmgENBqD_HDF-NkUQ5x2pf8Uc1fFVlktvXIvl8QbGPif98pe2NCzvsHFkF01s75FfQzqZT8l9RwX12ITUv6hlp70
Frame ID: 4911739C0526668C2E8322D67110818F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js
Frame ID: 24D40EB81B6BF83CF656E10F0706D1ED
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js
Frame ID: 5ED671C12DE1BC76932DF24C7243050A
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 24310615C3B66F80B37206C1D640783F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 97540F492E6257489D772BC033D499EF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7C7ED9A5D2F663915ACDB745CAE482CA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D711D876404D9BAD9DAFD23EDD909F2F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tương tác thuốc, chống chỉ định kết hợp thuốc trên lâm sàng, Quyết định số 5948/QĐ-BYT ngày 30/12/2021 của Bộ Y tế về việc ban hành Danh mục tương tác thuốc chống chỉ định trong thực hành lâm sàng tại các cơ sở khám bệnh, chữa bệnh

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

92 %
HTTPS

67 %
IPv6

12
Domains

19
Subdomains

18
IPs

5
Countries

4368 kB
Transfer

5974 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3ytf6sZl3wxJSig6sYjog&google_cver=1

Request Chain 35

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOnApBwPRcfuKpfl-8MzCgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3ytf6sZl3wxJSig6sYjog&google_cver=1

Request Chain 36

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF8vln79aZ678Bycu3TpN34&google_cver=1

Request Chain 37

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzODA4MTEwMTQxNDQ3NzY2Nw%3D%3D

Request Chain 48

https://gcdn.2mdn.net/videoplayback/id/f081dbbad7eb3dc4/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724576804/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/455DABABFE0F897CE58B490EAA67B4CC85E8FCFD.2F6AC2733EDB93C55A296C56F9531D2778B138B3/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5ednd7.c.2mdn.net/videoplayback/id/f081dbbad7eb3dc4/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724576804/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/10F9BBDA474B0FFAC7651291627BA209AAF6FEE9.77E6AF1E132C4AB0E79210A27F5442B9BAD70C5F/key/cms1/cms_redirect/yes/mh/cW/mip/2a01:4a0:2b::3/mm/42/mn/sn-4g5ednd7/ms/onc/mt/1693040314/mv/u/mvi/2/pl/29/file/file.mp4

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tuongtacthuoc.hscc.vn/ 430 KB
397 KB 4299ms
488ms Document
text/html 112.78.2.112
ODSJSC-AS-VN ODS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tuongtacthuoc.hscc.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.78.2.112 , Viet Nam, ASN45538 (ODSJSC-AS-VN ODS Joint Stock Company, VN),
Reverse DNS: s2d112.cloudnetwork.vn
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ff782142728757957286f035526425c1bb89394a824802d2e8b83a1305c58575

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: br
content-type: text/html
date: Sat, 26 Aug 2023 09:06:33 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 w3.css
tuongtacthuoc.hscc.vn/ 29 KB
10 KB 820ms
818ms Stylesheet
text/css 112.78.2.112
ODSJSC-AS-VN ODS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tuongtacthuoc.hscc.vn/w3.css
Requested by: Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.78.2.112 , Viet Nam, ASN45538 (ODSJSC-AS-VN ODS Joint Stock Company, VN),
Reverse DNS: s2d112.cloudnetwork.vn
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 20e30d9562d3bd90c32104cbabd0ce194b16d9510581aca10f3433614ce4b238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 26 Aug 2023 09:06:35 GMT
content-encoding: br
last-modified: Tue, 27 Jun 2023 04:30:24 GMT
server: Microsoft-IIS/10.0
etag: "26c55917b0a8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 9885

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 103ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9898e809ba2721b9a31b38b166d74df665f29b60c3641a0040c364ff1ff42d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 26 Aug 2023 09:06:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23196
x-xss-protection: 0
server: sffe
etag: "fe0683e7c09dadfa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 26 Aug 2023 09:06:40 GMT

GET
H2 200 jquery-2.0.0.min.js Show response
tuongtacthuoc.hscc.vn/ 81 KB
40 KB 820ms
818ms Script
application/javascript 112.78.2.112
ODSJSC-AS-VN ODS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tuongtacthuoc.hscc.vn/jquery-2.0.0.min.js
Requested by: Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.78.2.112 , Viet Nam, ASN45538 (ODSJSC-AS-VN ODS Joint Stock Company, VN),
Reverse DNS: s2d112.cloudnetwork.vn
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 26 Aug 2023 09:06:35 GMT
content-encoding: br
last-modified: Tue, 27 Jun 2023 04:32:49 GMT
server: Microsoft-IIS/10.0
etag: "687afe6db0a8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 41084

GET
H2 200 all.css
tuongtacthuoc.hscc.vn/css/ 220 KB
49 KB 821ms
819ms Stylesheet
text/css 112.78.2.112
ODSJSC-AS-VN ODS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tuongtacthuoc.hscc.vn/css/all.css
Requested by: Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.78.2.112 , Viet Nam, ASN45538 (ODSJSC-AS-VN ODS Joint Stock Company, VN),
Reverse DNS: s2d112.cloudnetwork.vn
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 730311fe453cbf37f68fefd56fee3530a4722ed549aa300699979fbeef6b0e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 26 Aug 2023 09:06:35 GMT
content-encoding: br
last-modified: Tue, 27 Jun 2023 04:28:47 GMT
server: Microsoft-IIS/10.0
etag: "83cbd8ddafa8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 50008

GET
H2 200 bannertools_tech.png
tuongtacthuoc.hscc.vn/ 179 KB
179 KB 1093ms
1092ms Image
image/png 112.78.2.112
ODSJSC-AS-VN ODS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tuongtacthuoc.hscc.vn/bannertools_tech.png
Requested by: Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.78.2.112 , Viet Nam, ASN45538 (ODSJSC-AS-VN ODS Joint Stock Company, VN),
Reverse DNS: s2d112.cloudnetwork.vn
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 80db491f06fb396160791f64ec4ffe56935c95542c6db710030e3f96af5c2c98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 26 Aug 2023 09:06:35 GMT
last-modified: Tue, 27 Jun 2023 04:30:18 GMT
server: Microsoft-IIS/10.0
etag: "1163de13b0a8d91:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 182893

GET
H2 200 banner.png
tuongtacthuoc.hscc.vn/ 821 KB
822 KB 800ms
800ms Image
image/png 112.78.2.112
ODSJSC-AS-VN ODS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tuongtacthuoc.hscc.vn/banner.png
Requested by: Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.78.2.112 , Viet Nam, ASN45538 (ODSJSC-AS-VN ODS Joint Stock Company, VN),
Reverse DNS: s2d112.cloudnetwork.vn
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 230f33f0a0d0c268b53df49e11daeff40258fa1c73e0dbf2e84f53dd3776b222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 26 Aug 2023 09:06:36 GMT
last-modified: Tue, 27 Jun 2023 04:28:26 GMT
server: Microsoft-IIS/10.0
etag: "aeb543d1afa8d91:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 840835

GET
H2 200 fa-duotone-900.woff2
tuongtacthuoc.hscc.vn/webfonts/ 183 KB
183 KB 797ms
796ms Font
font/x-woff2 112.78.2.112
ODSJSC-AS-VN ODS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tuongtacthuoc.hscc.vn/webfonts/fa-duotone-900.woff2
Requested by: Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.78.2.112 , Viet Nam, ASN45538 (ODSJSC-AS-VN ODS Joint Stock Company, VN),
Reverse DNS: s2d112.cloudnetwork.vn
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 20ec55e764f09d132a679b2aa4ef98a9256b58b7a1a79f70dfec5e901160de75

Request headers

Referer: https://tuongtacthuoc.hscc.vn/css/all.css
Origin: https://tuongtacthuoc.hscc.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 26 Aug 2023 09:06:36 GMT
last-modified: Tue, 27 Jun 2023 04:32:47 GMT
server: Microsoft-IIS/10.0
etag: "c557a16cb0a8d91:0"
x-powered-by: ASP.NET
content-type: font/x-woff2
accept-ranges: bytes
content-length: 186964

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 88ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1509351565592842

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c321d7aafc6f4e3c2d570d82146e07e632d113210df0da843cdd6685fb1c1a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tuongtacthuoc.hscc.vn/
Origin: https://tuongtacthuoc.hscc.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50878
x-xss-protection: 0
server: cafe
etag: 17444924467249719577
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 09:06:42 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/ 391 KB
131 KB 112ms
96ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1509351565592842&plah=tuongtacthuoc.hscc.vn

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1509351565592842

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c94c3c3aa036c04945e90d4ab0cec7b88bf879b51c015167c0e0be68172e8825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134474
x-xss-protection: 0
server: cafe
etag: 14903253414269874994
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 09:06:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/ Frame 3394 10 KB
5 KB 32ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1509351565592842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tuongtacthuoc.hscc.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Aug 2023 07:30:30 GMT
etag: 9878862242593084568
expires: Sat, 09 Sep 2023 07:30:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
601 B 73ms
16ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tuongtacthuoc.hscc.vn&callback=_gfp_s_&client=ca-pub-1509351565592842

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1509351565592842&plah=tuongtacthuoc.hscc.vn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbacde36b5fa585acf6ae8bf17df33051d78a65ff1c7a1263c7b8803c2f34af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5F57 235 KB
67 KB 363ms
362ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1509351565592842&output=html&adk=1812271804&adf=1573534164&lmt=1693033603&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftuongtacthuoc.hscc.vn%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693040802815&bpp=5&bdt=2774&idt=208&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2594421131143&frm=20&pv=2&ga_vid=1752580460.1693040804&ga_sid=1693040804&ga_hid=2032173946&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798879%2C44759876%2C44759927%2C44759842%2C31076839%2C31077260%2C42531705%2C44769662&oid=2&pvsid=3259885784879590&tmod=7003059&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=695

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6958d2e96e4b15c3b1185b876cbadb4257aa32067b7ba919ebb24e6f6ad7e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tuongtacthuoc.hscc.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 68811
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Aug 2023 09:06:43 GMT
expires: Sat, 26 Aug 2023 09:06:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/ 154 KB
52 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a1f19bf18adcfe8c5b82415ce71447b94ba58888e7c6a9cb86aef8291414915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53634
x-xss-protection: 0
server: cafe
etag: 10071639682165329272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 09:06:43 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame DDD5 10 KB
4 KB 10ms
9ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tuongtacthuoc.hscc.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 18:42:36 GMT
etag: 9878862242593084568
expires: Fri, 08 Sep 2023 18:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame 9D43 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tuongtacthuoc.hscc.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 18:42:36 GMT
etag: 9878862242593084568
expires: Fri, 08 Sep 2023 18:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame DDD5 4 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Aug 2023 09:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 26 Aug 2023 08:07:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Aug 2023 09:06:44 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame DDD5 15 KB
7 KB 37ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6521
x-xss-protection: 0
server: cafe
etag: 18225085782652855565
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 15:08:02 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame DDD5 20 KB
8 KB 39ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 14:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 14:46:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4911 624 B
246 B 51ms
50ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChDBgvDVAhjCg4jxATAB&v=APEucNXDJpegHlJIIGewj-b4J7EdywMReYlDS4P0a-Ddn6JktSk9GeuY0c_IqBprUuOVOPlmfKnJ9ivHrZEktL7LG-7WT4VPmgENBqD_HDF-NkUQ5x2pf8Uc1fFVlktvXIvl8QbGPif98pe2NCzvsHFkF01s75FfQzqZT8l9RwX12ITUv6hlp70

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Aug 2023 09:06:44 GMT
expires: Sat, 26 Aug 2023 09:06:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 24D4 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 15:32:15 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame 24D4 7 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46862bd03f96bd24aa144ecd892c910f1df88ee0381c34161cb27fa3dceda2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3069
x-xss-protection: 0
server: cafe
etag: 15211577367894686919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 15:32:15 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 24D4 0
0 101ms
45ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstLtcb1H65ZNMulhc_VFr5hVeHE-BHUy4QJYl-ATvwfaXj3vl2cFN-vxnD0rXbgw6gHEi0XeMg-xzVuPjm_2Fbic4U0ItlHo1g1ApHGSwXYFFn2kl9VPhqpY9IOq_Ffx_ev_-3dMJWAAYeK8FLnQEimWOICE6gBGIcaPpgEEjMMLNZeKBz3eLrysR0acQQiarCNgUhJqNJM_sFUI3lVI4yay-y-4pxw5OyeDuSRiXEgkcTHmt-52_cb86fuwyLgY37i3munAdR2t-TunpOcTKJ7dur2E0N6J19gaqkUKI4Lc4OucDK5OiKGuUxWMLk6l6maKuip2RnV1LQuYJGammmyqDKk_LuNRgi7JLRAr5cYTBenLWhgyQ2-GFbA-BuZEYQ3aImVfa2JhKwBwolQHJoTPfDUCxC3hiBAPuH3BQtJBATpe9ZdxxHmGT28HDW47EL0vrlVoHg8U1o3N80RTiB97Lx_1MR5MiI9oJjIFi7FdUCz3hngb8YuFJfD7JjqX2aCUQBxC95dt7vod1ai3d-cKijHAcomB6qW5iKrgy-ZLbF8l-VXnXuzYxwrj8Q1RmZih0m-oK6S3Y3xaHNeDkez2WWfHy9epV5XC3ePJ3KSqJr1yjGqYPTMyEXfulSgXbjIs81eHv-u5-2SEr0i68UKJJsPrUEAbaQ2nbFB9FFBjcmNpf1DyXdNThqeRX5lAfPbxcUBirQHVrzNE5Ojh8u416rOHmPnvExZgFIwDncY4TFGsVRqrU_fBmq40THSikL5HmDB-VsQ1JZMPyr8bW7UOYYVLvM9hJg4DEyJozcL3_T4XAMKBfjeYSdIVqq3mOUnrVYLI2poHOuBZIrqFPP-6XCzF2nDGohWoJROZnKhctCDx3V6c474y3smz0-zyIP8mGBh1coxAVmFgzQXFIG419WC6iRYB4U4ZNH1DdCdFEbWmmMFUU8B20A1KJkw2PC3C5DV3_Aa5ASqEP7loqbfTOOLRQD7w_P5DtSa7mM29HLNLdySg7nIXquIF6DwX9E6ahddbX-WA5kws3Yt2kjktLo5SGzOxLLa4sHgq9-m55mr5Z9uT6aRI4Y_l_0pAkRLvd9xE-adx5mG1oY6HPMqHiuCNooUl3bwYC4abK48W0Tclc2QnqWb1-_OhVomJk1TpDHgjtgCm0h_83DnVKUea3-n5lQJh3UWSOfVs7tDucFTKtS_fh07JKud0fdFysUcXWbTgj6cxW_g-XZbAI_&sai=AMfl-YSWuTrK0H2WpuLf-B9WB_j4Hxz2_r5aBSHQKbY4AgTpibcCV4XA7GNgzLwuWcW6dVxIfEFE3MZdMYrmOMBVTb5AN9-ngHNw-AJXBT62TEMoN3j1kT-Fs3ChW_LlooYV87vlDGzWL3Tt_AQz-6JIdj7oOeSfw_KAw7oM7_ad7a-UE6RrPgIL6lmGVUn9dMNswl3ZgM7DUiY4k0yzlfRxiPV-2mv72H2v_iPVtMr1v0qLaftDfw&sig=Cg0ArKJSzJ_vRkRVJxkpEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20230823.12912&arae=0&ftch=1&adurl=

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 26 Aug 2023 09:06:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 26 Aug 2023 09:06:44 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 24D4 41 KB
14 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 03:41:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 24D4 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Sep 2023 03:15:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 24D4 20 KB
8 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Sep 2023 03:15:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 24D4 181 KB
57 KB 81ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 09:06:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 24D4 42 B
63 B 107ms
105ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYTbTr5I7AQ5I0AVYSxej854SpIYflCSUy1jH_zvRgzwnBXx0EOiPSmLG2FregNcEOHTebo8TlO_dPYEKyrNt9Zh8qcvJGvrUbRAKzJ9P7xe4sRpY

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4413429247828146845
s0.2mdn.net/simgad/ Frame 24D4 33 KB
34 KB 47ms
8ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4413429247828146845

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1fa4bff548700cb9196a02d978d88177195b22e87dcac012378ecc3095db5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:21:11 GMT
x-content-type-options: nosniff
age: 337533
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33928
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 13:13:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Aug 2024 11:21:11 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 5ED6 23 KB
9 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:15:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Sep 2023 03:15:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5ED6 8 KB
823 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Aug 2023 09:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 26 Aug 2023 08:02:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Aug 2023 09:06:44 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 5ED6 15 KB
3 KB 39ms
8ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 05:45:19 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 5ED6 368 KB
128 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 13:36:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 5ED6 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Sep 2023 03:15:26 GMT

GET
DATA 200
OK truncated
/ Frame 24D4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3568c67f83ef8b4773c6c6c6c8713dba1b0af4a0ba82a8493f68c2f62be74798

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4911
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3ytf6sZl3wxJSig6sYjog&google_cver=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3ytf6sZl3wxJSig6sYjog&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChDBgvDVAhjCg4jxATAB&v=APEucNXDJpegHlJIIGewj-b4J7EdywMReYlDS4P0a-Ddn6JktSk9GeuY0c_IqBprUuOVOPlmfKnJ9ivHrZEktL7LG-7WT4VPmgENBqD_HDF-NkUQ5x2pf8Uc1fFVlktvXIvl8QbGPif98pe2NCzvsHFkF01s75FfQzqZT8l9RwX12ITUv6hlp70
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Aug 2023 09:06:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3ytf6sZl3wxJSig6sYjog&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4911
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOnApBwPRcfuKpfl-8MzCgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3ytf6sZl3wxJSig6sYjog&google_cver=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3ytf6sZl3wxJSig6sYjog&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChDBgvDVAhjCg4jxATAB&v=APEucNXDJpegHlJIIGewj-b4J7EdywMReYlDS4P0a-Ddn6JktSk9GeuY0c_IqBprUuOVOPlmfKnJ9ivHrZEktL7LG-7WT4VPmgENBqD_HDF-NkUQ5x2pf8Uc1fFVlktvXIvl8QbGPif98pe2NCzvsHFkF01s75FfQzqZT8l9RwX12ITUv6hlp70
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Aug 2023 09:06:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3ytf6sZl3wxJSig6sYjog&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4911
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF8vln79aZ678Bycu3TpN34&google_cver=1

43 B
837 B

19ms
18ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF8vln79aZ678Bycu3TpN34&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChDBgvDVAhjCg4jxATAB&v=APEucNXDJpegHlJIIGewj-b4J7EdywMReYlDS4P0a-Ddn6JktSk9GeuY0c_IqBprUuOVOPlmfKnJ9ivHrZEktL7LG-7WT4VPmgENBqD_HDF-NkUQ5x2pf8Uc1fFVlktvXIvl8QbGPif98pe2NCzvsHFkF01s75FfQzqZT8l9RwX12ITUv6hlp70

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:44 GMT
an-x-request-uuid: 38455cf5-b9a0-48b3-9030-0840851af9e8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.40; 81.95.5.40; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF8vln79aZ678Bycu3TpN34&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4911
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzODA4MTEwMTQxNDQ3NzY2Nw%3D%3D

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzODA4MTEwMTQxNDQ3NzY2Nw%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:44 GMT
an-x-request-uuid: 4337e820-a1a4-447d-9c96-407c88b6e679
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzODA4MTEwMTQxNDQ3NzY2Nw%3D%3D
x-proxy-origin: 81.95.5.40; 81.95.5.40; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2431 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 53765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 18:10:39 GMT
expires: Sat, 24 Aug 2024 18:10:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 24D4 0
0 45ms
44ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstLtcb1H65ZNMulhc_VFr5hVeHE-BHUy4QJYl-ATvwfaXj3vl2cFN-vxnD0rXbgw6gHEi0XeMg-xzVuPjm_2Fbic4U0ItlHo1g1ApHGSwXYFFn2kl9VPhqpY9IOq_Ffx_ev_-3dMJWAAYeK8FLnQEimWOICE6gBGIcaPpgEEjMMLNZeKBz3eLrysR0acQQiarCNgUhJqNJM_sFUI3lVI4yay-y-4pxw5OyeDuSRiXEgkcTHmt-52_cb86fuwyLgY37i3munAdR2t-TunpOcTKJ7dur2E0N6J19gaqkUKI4Lc4OucDK5OiKGuUxWMLk6l6maKuip2RnV1LQuYJGammmyqDKk_LuNRgi7JLRAr5cYTBenLWhgyQ2-GFbA-BuZEYQ3aImVfa2JhKwBwolQHJoTPfDUCxC3hiBAPuH3BQtJBATpe9ZdxxHmGT28HDW47EL0vrlVoHg8U1o3N80RTiB97Lx_1MR5MiI9oJjIFi7FdUCz3hngb8YuFJfD7JjqX2aCUQBxC95dt7vod1ai3d-cKijHAcomB6qW5iKrgy-ZLbF8l-VXnXuzYxwrj8Q1RmZih0m-oK6S3Y3xaHNeDkez2WWfHy9epV5XC3ePJ3KSqJr1yjGqYPTMyEXfulSgXbjIs81eHv-u5-2SEr0i68UKJJsPrUEAbaQ2nbFB9FFBjcmNpf1DyXdNThqeRX5lAfPbxcUBirQHVrzNE5Ojh8u416rOHmPnvExZgFIwDncY4TFGsVRqrU_fBmq40THSikL5HmDB-VsQ1JZMPyr8bW7UOYYVLvM9hJg4DEyJozcL3_T4XAMKBfjeYSdIVqq3mOUnrVYLI2poHOuBZIrqFPP-6XCzF2nDGohWoJROZnKhctCDx3V6c474y3smz0-zyIP8mGBh1coxAVmFgzQXFIG419WC6iRYB4U4ZNH1DdCdFEbWmmMFUU8B20A1KJkw2PC3C5DV3_Aa5ASqEP7loqbfTOOLRQD7w_P5DtSa7mM29HLNLdySg7nIXquIF6DwX9E6ahddbX-WA5kws3Yt2kjktLo5SGzOxLLa4sHgq9-m55mr5Z9uT6aRI4Y_l_0pAkRLvd9xE-adx5mG1oY6HPMqHiuCNooUl3bwYC4abK48W0Tclc2QnqWb1-_OhVomJk1TpDHgjtgCm0h_83DnVKUea3-n5lQJh3UWSOfVs7tDucFTKtS_fh07JKud0fdFysUcXWbTgj6cxW_g-XZbAI_&sai=AMfl-YSWuTrK0H2WpuLf-B9WB_j4Hxz2_r5aBSHQKbY4AgTpibcCV4XA7GNgzLwuWcW6dVxIfEFE3MZdMYrmOMBVTb5AN9-ngHNw-AJXBT62TEMoN3j1kT-Fs3ChW_LlooYV87vlDGzWL3Tt_AQz-6JIdj7oOeSfw_KAw7oM7_ad7a-UE6RrPgIL6lmGVUn9dMNswl3ZgM7DUiY4k0yzlfRxiPV-2mv72H2v_iPVtMr1v0qLaftDfw&sig=Cg0ArKJSzJ_vRkRVJxkpEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=107&vt=11&dtpt=104&dett=2&cstd=0&cisv=r20230823.12912&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: tuongtacthuoc.hscc.vn
URL: https://tuongtacthuoc.hscc.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:06:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Aug 2023 09:06:44 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5ED6 0
234 B 140ms
42ms Ping
image/gif 2a00:1450:4026:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~llrss5dc&c=7371500894661&slotId=3685750447330.5&qqid=CNW8vr38-YADFUZWkQUdsRoK3Q&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4026:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5ED6 0
20 B 109ms
109ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CMKbYo8DpZJXfIcasxdwPsbWo6A24vMWyceCN_7e8EfDu_-uQAhABIOC0qJYBYJWCgICYB8gBBakCJVKIFvEcsj6oAwHIA5sEqgT6AU_QF-8YHh_0ZfBydQWkzOfO3sKZvc2PmgP3xjkxfBx_Pxjc2g0S8fwhKKSiPlfCEnYnczlGmh9JbIpt4IpHPPQLxR4-WWW7ktgMOKhYy5ogNQrCoR_ZkfnGh4uuHCOhQ-UI5Cjqmhbq_PGBf1IeGAFuwaLPrXH6Js7cszVR6OwdeAgsp2MddBD5ZGpogM6aXtpyhm8p_TAxn1uFVrMf7KalXBLociJ-n2hO_0Le8cmTKku7ZbO_SJKFUaudaYbbLBiC9A29ERnnTR7C7G_rDkUy22GaLnS87AD948YODVxR-CxLICqZi6lpuxzxVB7e5jqaM41s3mmy8KXABOH3nIi8BOAEA4gF54vv2kuQBgGgBnaAB9iO674CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbATtsP2E8gT6uWV4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1693040804408&ai=CMKbYo8DpZJXfIcasxdwPsbWo6A24vMWyceCN_7e8EfDu_-uQAhABIOC0qJYBYJWCgICYB8gBBakCJVKIFvEcsj6oAwHIA5sEqgT6AU_QF-8YHh_0ZfBydQWkzOfO3sKZvc2PmgP3xjkxfBx_Pxjc2g0S8fwhKKSiPlfCEnYnczlGmh9JbIpt4IpHPPQLxR4-WWW7ktgMOKhYy5ogNQrCoR_ZkfnGh4uuHCOhQ-UI5Cjqmhbq_PGBf1IeGAFuwaLPrXH6Js7cszVR6OwdeAgsp2MddBD5ZGpogM6aXtpyhm8p_TAxn1uFVrMf7KalXBLociJ-n2hO_0Le8cmTKku7ZbO_SJKFUaudaYbbLBiC9A29ERnnTR7C7G_rDkUy22GaLnS87AD948YODVxR-CxLICqZi6lpuxzxVB7e5jqaM41s3mmy8KXABOH3nIi8BOAEA4gF54vv2kuQBgGgBnaAB9iO674CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbATtsP2E8gT6uWV4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5ED6 0
45 B 132ms
44ms Ping
image/gif 2a00:1450:4026:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~llrss5dl&c=7371500894661&slotId=3685750447330.5&qqid=CNW8vr38-YADFUZWkQUdsRoK3Q&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.p6&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4026:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5ED6 29 KB
17 KB 129ms
66ms XHR
text/xml 74.125.206.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Ai8gICb8z0bQtTf-h7C9VYfHYnCkrgGBcnferwd4CH-lhoHXlkRAVWojBUZqn-kjuttAXTdoBjek-Jm62tQrYerFZMYA&cry=1&dbm_d=AKAmf-Dj337j5K40I__-3j2PebLT7yV32PSkIB9fTNAdolD8GpIhu0SaK2QiUxKOmiesOjgBW0UjF7qHOt0Be2Ze9E7mnub3KFKsUdsUsrEw1nSL_9QurkWf-Jaw5ONjFfww1KdzTg6Lzz4id443iqhsrd7aI1WJnWG1yZt4f4Pl7ve3DpQH-GFXQcJGJKCyW_18wAG_JnrqACmjJDLR3cIw0K2pm8fZreSr791sD2kvwqpOVsECSJKxOBWema4UkFaBfITSB-Q2mLpM42sIaRKl7hjTQALUG5s4gzvo6e6eSgv97_USejJZ4sTv3TiQP6EX6TCGsAsbqzGgH2WihxBRsVyP_3dcae_EDqfsDdooEMsjfpvQVNFFph_oCxAigC_Br4uEuVzwOmXiBPoe99ueoGlYq_FMfEVcryU_2yYTIryRHXaYuVii_YO251Wpr8Q7otsekppf0ri7ZapQDGP9PK6JKZ5w9xUSCI__K7bsZYtCMhDyVfLg0EidCPGdXzi8qS-nUp5CeE62KfkvAccFNKJV7fEEmA93CNbT63FaZ5GzFjTVpG_08X8VmhYYhWDMiHxqaSjjiLG0xK-BoLy2FImJgq6rf-QaK1eITcC21IrtXmx57JYXhKvePCT26N14Tnm_dLjebtYlzcPgeBcPe2ikR_wTqoHMGF5KTM-t4_HVfXYyLEYKGTlbnQeDpqYXy418XU3AysJYDmEs7pgAiXYTSBLjOAO1vtffKIOR7Fi8V56ZORoTaAl5Ui2eY3NzKh9sgM72GTmTdQYiR3qDZMQODY_uMytnUvurgrveYSYxwLMcW7a5f-ZF-qZ1BxhBNEpAEz5dvZWQqsEv-p5wl23D_KBhYQgdN0vmjThWLoEP4_1tBECUTasP3Sh2fE8tAUO8mjpvnTiYRQgLq11bvps4VMJrsiEUG8jSbM34Dz00chZj5vWzD1AyhQJ9dBgvagbaxmWMIYQjBEnfTnVqI0Px_BAhywqjX4i56hlFa-0h9SQO8r3VTmtUZTInfuXuDxBvz5jiWv3MJZOJEkqMT0omXsunb9SE1VJWI-Ktg9BMy3-Efwvs0U3jAlewCFzWjJTe9rYV54y1EjO-b20iirvdLJtElV2DOb1o48Cc90A6BnFwtvlemaJCnGB7Op6v3MpAEIqJJQmRjcY0XxEKuIFmFJFLeVhQiu7DuQ58rS5Gjfw29HLmzJg03igmb92BOp8addq21y1KpduNUnzdL5VBb8-iHIzz7x7_qv8Ru4IAQHe7TMsyb0-tzrQreWPIV6d9aTRh5Y4arUR4O7J2_7ScB-bSiXZC-3xNvrI8LR9n1shFHGLha-fVstufV0FOJdTXw8QtFBspK7U0Jx3AGUwFvE880GpHjIz4bg1ItPOJ-JcKXKn0xzCqVzuBHVn8kMonQrM2RTPPgvm8Zu-Mh801qQJVSGHjaXIRDiDIJDiW3S13_1alFPBmhZY8aZbr8VDA2KeoKJZkUv7xGUjc3Aw-8IY5gMmNQm31xKm4uHNn2j9i4NWe5e91RRy5tccozQcZpS6IqN1R0MjLh7i4vlu-0_gOGo9-mgcV4KlyqLZ3ZGFRkxIwsNEhtalVi9jAtly7RSEYf51nPE0GTnViUrVvyFS_8IisKHjLt9E1SH7LNZ84yeCptAxYUOQxYRszyBIaIdbBUqapdbTRae3q7VKTuAKS9WkgIM-G48tzWxR-1BZMx2HxrG2G5sPqkxciXiG9DLk2SEKaPGoUMmUwKI7WL4TWvXob_gGHBpBhRFQYe3JaWhe4dv3KwjI5k1RrzSZVA7hs7UeAlu4NxyanKDGNirrnP7xWIVcKKkJn8oCzxlWCv9gkC2Kq1pGo0MFy11sdt3xMARnOUL081mI_4cEMVLjVKNhjD3RPV-0816Q7XvYClmgYgG6xNsiqm-hj88eDx9zaRyWusu1BG-u_x34j844aobv9i6yUNG6eBnqjzfmW6baq8L_BDKmpua3kVHuNAyp2theVlNq0CY0OpbT1hO2fHFGu-Bl0Uv2G-7dVKc5oPHaZOkSHxWPBGnt3Fmc4xErsfgG4ipL0TKU3kEJdXEDmpbKHO815SEzc-RzK2eWc4tV_qa8Cr5meKyhsmEAqx2JlficQYxUo76Yi4cxJ3BgrgTxaT7E7NkBGRVytUcHrDkRJFwDTut0A7Xe_kexC05mHKMFzxJgj9bNxU_V_i4UmgNdBge-UMV3CpxjTGjzxPPvh8ZSETx27tymnwol_zGjVC69PL-fm0yL7GB2DZzKuJO9YOWHW3M0tBKoGlDUuQTbvKa-D2sFIgmu4iZC-hVmHbFVsk7ZM7tZUa5i37ZyRxOFvIxDtVjMhM-PyvOwUQG6LKFA74MKqOnaErMgcOqNMhxOoZuSW-6GfRwZNK-hjyQBu1ZJDTRnmf1cLR0bcaIrgpzW32w0Kcq9XgEKgzakIhmM62RDZNDg0Vh9Hg-iW5g-TeFPzqDIu9yalUFhgPN5kFy_wrwJCZFmON96hquOem2x3vaVC0dtXU58PdIbjsmc85VVZYuEHio0AgtoPty_ivmXWv2QvlVxN6k9ulQgqlAYwY0HTt8r29S-AG0fLKkUl-A6WUT74hX_ENpiBjHQ3FvyC364e7kn5iiKOkw9_aRXiFDE1x2PXbX67ioAuZYhE_qSq_HlqTMOM6nKdE5SEdpyPIiyz4ivDdGagcwwjliJGCGr7wusyXISr60pe0CwFmTTuwGAqqC-cOo5r0_q0R5wLfewnIdq-8AgLTuNVxXz1sGmPQWhL5HriQwCDXBo7eYmfi7zwwPe3pLMOUgvENcoBI6DVC2RpJAaL_rsfh6QY2yFNkeR_0cbAuFAJIwB5q7wrfmXy_AXxO0sR6oYj_FXT2_SbjYxnkQ4TENzMshWAr7e-L2DeOj1Db43p4P_tB0Op8JrZvftIVylJu9ZMwhFxWbGQci6kyu7OkVr9rTYoljO6tBmFSwT7pVgY-ikPqrvW2egE8ifZhy_P5pf21k2JwxIloWq06-kmpo8nFWF_5CQT6qNQ0uJmgfC2pcLcJmni7D4OCg7eTYZZyxzP4I3BM5FGqqW2E7w-qvvamjv8aomA_rfsd4dfjfUPV6-szOQiMD7xjwBQyX_9lkgIY048m-SQ3GVw0jqkkiJqpDlily6YbPreLwGUga8KLq-bWmma_cQ0_xm62po5L6t9Grw1Fp0fdyhko0hu1nlOGr0MTIa4u8CT4HJUxtRwZ22fZbyuVrBu_7J67p68lRzkJ6xrug5n9v_7wIDICcWDN0AVBPocRIKbcfaaw4T-CY3eDR0M5lXIsS7vpCK7_ba5X5G6P4Ef2NVGbqq22EhfMKQlKOb3I7Y15EVt9cNE2s0Zm6ENsSkiuTgwVPQNIA9X22UkXTYaoIMy7DIoPTgWuSEE46h1WPpcv3p_dUkG6qsg4IrStQgjrX533IsvYkBcdx_YzhaVVZv3WZqbrIElrdnCFp8Vy_mqAxaTFol1LbwmyA4_1g0xJzalF17N7swI2gayKLKpDLbiZJWCKZOdjqpDqscI4RJSoDG7UBlA7L9M8dFk8FX0z8M-njWLw4B_Yx9H6MFKHcpyNWAf6xvJP_29qPn0LCnJRK2oyRgKRphilPoITVx9sAle58FwXwmE-yP7UhgopuaFKW93JPwKl0lBF-kWuIDrE9i2cAgvHqd5ITScY-cInipBROmjaxdMkYF2TIHaZtH9hwxhrZmbXSppX-jfF4ZVYVGpGwTQu5L4Oav-kQ-EnVnmkx9zgLZPgnw4R-kBPKj-YU2HVDP4NJpePT8hrXGDcHeyIGamRXMyH1sHmNhJlHPYMAHT4FDQsFkcma4xXDn8dXqGhPuCl2GQYSyfD4mBOztxc90nXQ&cid=CAQSGwBpAlJW45fuIy1CCdfguQyMM6OKVWAzE-ZIAxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f156.1e100.net

Software

cafe /

Resource Hash

ddc9a2a2467b59b504f278117a89ad99d7cd445e056e683d5a6e1e4d98cc8b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:06:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16765
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2431 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 05:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Aug 2024 05:10:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 62ms
61ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230823&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2716b941d865f430d320f26b86aefb6d0b839fab49395bd9b1e5a1856b48eb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:06:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11610
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 5ED6 0
54 B 46ms
45ms Ping
image/gif 2a00:1450:4026:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~llrss5dv&c=7371500894661&slotId=3685750447330.5&qqid=CNW8vr38-YADFUZWkQUdsRoK3Q&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4026:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5ED6 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 06:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 06:25:34 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5ednd7.c.2mdn.net/videoplayback/id/f081dbbad7eb3dc4/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724576804/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5ED6
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f081dbbad7eb3dc4/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724576804/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-4g5ednd7.c.2mdn.net/videoplayback/id/f081dbbad7eb3dc4/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724576804/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

294ms
117ms

Fetch
video/mp4

2a00:1450:4001:16::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednd7.c.2mdn.net/videoplayback/id/f081dbbad7eb3dc4/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724576804/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/10F9BBDA474B0FFAC7651291627BA209AAF6FEE9.77E6AF1E132C4AB0E79210A27F5442B9BAD70C5F/key/cms1/cms_redirect/yes/mh/cW/mip/2a01:4a0:2b::3/mm/42/mn/sn-4g5ednd7/ms/onc/mt/1693040314/mv/u/mvi/2/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:16::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sat, 26 Aug 2023 09:06:44 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1987085
Last-Modified: Wed, 19 Jul 2023 11:11:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 26 Aug 2023 09:06:44 GMT

Redirect headers

date: Sat, 26 Aug 2023 09:06:44 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-4g5ednd7.c.2mdn.net/videoplayback/id/f081dbbad7eb3dc4/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724576804/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/10F9BBDA474B0FFAC7651291627BA209AAF6FEE9.77E6AF1E132C4AB0E79210A27F5442B9BAD70C5F/key/cms1/cms_redirect/yes/mh/cW/mip/2a01:4a0:2b::3/mm/42/mn/sn-4g5ednd7/ms/onc/mt/1693040314/mv/u/mvi/2/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 9754 23 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 375444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 00:49:20 GMT
expires: Wed, 21 Aug 2024 00:49:20 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 09:06:44 GMT

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9754 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:24:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 240150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:24:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C7E 13 KB
5 KB 11ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tuongtacthuoc.hscc.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Aug 2023 08:30:39 GMT
expires: Sun, 25 Aug 2024 08:30:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D711 829 B
1 KB 42ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41e9fc153ab557bfb9bd6b60d8bcfee345e0373b7ea918641c11f7feb1633abd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HTu-NoDp8ArflnKpGLxBKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tuongtacthuoc.hscc.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-HTu-NoDp8ArflnKpGLxBKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 26 Aug 2023 09:06:44 GMT
expires: Sat, 26 Aug 2023 09:06:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D711 0
0 108ms
107ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230823&jk=3259885784879590&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2431 0
20 B 112ms
112ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiYVso8DpZJbfIcasxdwPsbWo6A0AAAAAOAHgBAI&bg=!AQKlAk3NAAYkVgHwBFY7ADQBe5WfOE9w7Kgq6EiwOdASAsyF0LguI2U38pY79yipWSYXKhagmpa1wJ1A7ogfROziQ_p0AgAAAWdSAAAAPmgBB5kC_wRpKUXFlKs5_bpmTVAgAx2NtmdAphjjUx-fpRXAkmTyra_lYdPLNUDg1aai_mr1FFY72dYN7428fuN9SryuGZwHKEwKPcho4vvwumtyxL1q-HhI1YOAHXS4gMUtong5vvrS2jTs507hdJdl40j97K7wF6eWJL51hOMIJ4krAYX_oSd-xQSpwzkgMOxXHbN9QTbNQ6uF8MWJFS4hDtx8VFZFbIo4G-4krYxfgGP6ZoHGjZK_6ayGjydhB3ILwUx4-7CWXTngD_6fJkCurR-RmKFz2vOB8foXrYFrjyATgt4PbJ4qX-7mR9szfpgQEyvKexzU0GIW1vSKT7Ur_A0YRci7pTCevZ7pBsmzlmuiCraIUupNYJw6jv3C-1GGoZChPo_lG3nEgQrKoJ-7pBfxcq5mtE0TdToFmo54ry56GQluhWRTxQNJL6EZaSpIHmWNsVez_-jgBcfDXuT2_filYXGzinRIh51bUIMBleV2oSJ_UDGZZSXxe-VlxWACtNYNptTtGIrd2cPgpIFqhIBJR44joqYtE1849JqTwh8lIZXXptmPe0wTQgFmwVOarvETWgk831fClGLfhRiHNygeClUJGfuZj2o0b8GT0rQKeR7IUhAd0qvgO5CMHoUVQwsfr163uUOSj2gEFDdlnVRKah49dpxcvdheyzTFl-VlJFQOf6RoNQ2iyRLScNLTCF0P-IWcSFh1DDc8eWC4G65OTYkRMLuQrB7ntSu7TAR2rLu6tatCS6aqimDc7SHwBNeRt4WMZw9F72aeAWLTNoU_nE-sMBRVbm9FPWPQJVcU9SarPdPn5oxgwek937FBi_fRbD92hJD_zYxdUf69iSbd6gP63eidu4R6TiM_5y2fiokHrC81f1Ee3_vkAx9P-ZuI0v6AZW9ohWYKB2I2aMZNdPcr3N6KGLLoCBi_6gQGhkH0NB9t9qdprY-NF1ijY8Dox3cB5mAr5ZRKV-YbRdZtbbifeOO-HmGhHrrBNhUZ-CtcXTnHNbNS3KkEprV0oTVs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C7E 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 05:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Aug 2024 05:10:10 GMT

GET
H3 206 file.mp4
r2---sn-4g5ednd7.c.2mdn.net/videoplayback/id/f081dbbad7eb3dc4/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724576804/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5ED6 2 MB
2 MB 16ms
7ms Media
video/mp4 2a00:1450:4001:16::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6900f65a80d9b4b445e2989d794d3f0cd36fa03999ff9716a6a79bf83d7ff351

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 26 Aug 2023 09:06:44 GMT
date: Sat, 26 Aug 2023 09:06:44 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1987084/1987085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1987085
last-modified: Wed, 19 Jul 2023 11:11:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9754 0
20 B 111ms
110ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bs-0XpMDpZNTkHt2YkdUPjbu30AwAAAAAOAHgBAI&bg=!enmleTbNAAYkVgHwBFY7ADQBe5WfOE9V51XHrrJEk0OJnz3TyrB9Qq-mpNn8Y3khbiruVoCyTzl5C-BT_4qgFmMBiotsAgAAANdSAAAAB2gBB5kDDlGillmH8BlwumIpxKz7oUntk1-Y5a6u5wNA0NmSEc6axqSQwcuomr4tx72AjJdxlhjslXoNPwhlvQjX3fryaD03fKKMchWPex9h7HKpQYTIgSDy6oKVSjPUzwyllXrg2UQu4cgybt7MRT2Z3gVTxjgABqXPSSzx5IbCaTZDVt8u-R2HM-biMVut3xr-KsI3VOCy7RdlTXDQ-janD2fSW0qN0xKZYnWkh0Oo1bpsEa5xizZX1csrDQjLH-ZkxhBJeAhYAPcSJfsq2ZukF1dZ7yQq0v83jFHioktcWYggLmPqlImtiVy94oNVvWBD4RimYlKmVfVtfIg4RzZ7fsU5pemkvNa92I2kc0LknvFqnDKIhor_7mX_cm-FRpDRFrY3U_zy01fBz-Hj82AUDfK_POwsSMU3x3-1fk3YALIMlMCgDYrqvTqr4I-hgbXru1-xfpjPa121xho8pKXEVnDRDJKko7THBeVyvxGuw_J7Jfioos54OdAre3cjC_YGelFd5m3RO7HwB9wfmuremjO-WlId52ChiPp4No9QhHS2fiXMdFT9Oky2CByc9WTWeBKr2WaWtRRvxfV5odNTYsmlCzCl3xDuExwjfpl_AlB18RphHgBBIqpls7JA33Hw5AT2-TI6v5QmTGnzow6zJSpnKSNc1p_zr04fAGHBnXHUVZXjELSQxGSvuwCaGc5dDkHFL9DWEHobhvxJYh5-xk83WG04tiYdWRV1qrsIiA5YCIVI9bmgH0L_dSEskiQVjj-rYUlrw3bS8eZdFaCGHupA-kRKGS8nEtgm3sSB6MrIzdVIHxbyfvdFavKmzBJURtb6tLM5HoNJOOyNNo_v0CKXIOeyV65XPQGH8IPv5uCSguYaizPukb-Sw-e-asxgq_uIWe94X6HX1fU5WVMpbCsqAUXwML3wt2b3p5IRF6bs12FVfsy1FDqzJ27_65BfKOuwuz3BnNu6GST5e2--trirge2nODorT2mj9ntp2OqmA5BmqkbmV7K4bfeixz463t3El2MSL6hn5sR6fOYI5yO5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7C7E 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dimBBQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:06:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 24D4 42 B
64 B 112ms
111ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2uFYtJl3i1aMmBgWtgvUTWR0koKeoCtylMgtctGfnacYr2oScd2LJCHI0Ez1_Mx1YX3Br-2cuMzKDABMOjF50_d8VTxrmp0lqcJnZkU1bw2qv8xzLOWvilX5nEJaPfx--X4gmOZYuG25l&sai=AMfl-YRyN-FtxmRWR_0PTeeK4WyYFsc0zlPTyG_y6SGvQHzoAdqK4b01DAjNBRAfCcgTR-JO5Bu_q6JRgQMu&sig=Cg0ArKJSzJVS_C9lMNUNEAE&cid=CAQSGwBpAlJW45fuIy1CCdfguQyMM6OKVWAzE-ZIAxgB&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=488,952,1002,1002,1002&tos=488,464,50,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693040804170&rpt=350&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5ED6 0
17 B 43ms
42ms Ping
image/gif 2a00:1450:4026:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~llrss5hz&c=7371500894661&slotId=3685750447330.5&qqid=CNW8vr38-YADFUZWkQUdsRoK3Q&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.tf~vil.17s~vfl.187&ua_e=1&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4026:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Aug 2023 09:06:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 112ms
112ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230823&jk=3259885784879590&bg=!Q0ClQA_NAAYkVgHwBFY7ADQBe5WfOMww4FAjp2NgEoC0g8hzfSbEw9ffpHYRwElzvhcgddnaG_zDlD-1q_8j3TNFmp2uAgAAATNSAAAAB2gBB5kCxxoGRYBVaRRs0jvDlPEZ_IL9uxPRKeFoPAFQKASXjXKZy71RAdVrutZgSSZbOMjCburK_SAxA6ddSRpqbPR9FVX_lkkzFiQPOj1hMsmFFtYCQgNXG9yQQyULDhk2Or9luzoEesn-EJFcMTwgQO_EwtsnGdeoSoX5dV46E22hMbFXF098iq6QjttELN59xiUTv5fewd1yscW287i_I_dY7w5FEFuE2HKLjwrNR-R5AIXKRmZMdgQM1WmYW9vov00TXKEHdkGcbHRaymHPmTFFSmntwprvuKu_JnKQSfLXQQII23T5XnrygGXkrRAHAd0g-ofVZdb0FzKQy1VF9pW3TBeGg5Am_MRbuCe2VjzYOONAGppwlhBm0NfoMSklpkW_3eMYd-mshIgSDinu4fTHfhyb6F4ZX9gDQnnMZiMdQt_gSG3CnPzAEWQzzZ92CuoC-qFTegNV39pOcWGYIYs9aYX8BPBGV1B4oHZIKRi3FTuMVI97jlkWXvs5g7f9onRxPxIdIZ_2Cr9vdcnXDkcmVLhgyuximlgT7W-yaecKcw40rB-98Tq4wCSynu3naKzrbkaUomOtzmgyUFMxKJ7vHPz6TfNyecm-EoDjrYpa2vRv_CtyeCyHlFFPjOCQG7w-XOXUanns8QrlP4DvQWzYQkqDH6UgPwpUSvfO77nggYLaB9Y67mbNXqlN7Va8Uev8elwti3VuJbbE43xnAKpZ8hkDi2zJtdEXOs44810bOC_6kTVvXXWI0Wy4IKRE8HMwRDF3Z-Lp6DCgY1kFUFvl6pifYMRr5yxHHAJsOKJ-CxvQNv6ZYRl25JKqeaRthKQztgSYXqn59qRuyJr2jiuGyQLhVyILNjMnam66nzPGuvHsbZtAdggyVU8R4VjN3z2iG0QrplxwnvfY3i_DEr_nFaax9mO2xuA1vlLm5xd-Dgb3ZusrCesKxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tuongtacthuoc.hscc.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tuongtacthuoc.hscc.vn/	1969-12-31 23:59:59	Name: ASPSESSIONIDQGTCCQAT Value: CGDNGFNAHBPBPJBFLFIIGMAC
.hscc.vn/	1970-01-20 23:38:56	Name: __gads Value: ID=9a4528ab19f5feeb-223e3a1f5dde0040:T=1693040803:RT=1693040803:S=ALNI_MY2cqKoPW6VcaS0I-wnXpCxNALb8Q
.hscc.vn/	1970-01-20 23:38:56	Name: __gpi Value: UID=00000c682b86c41f:T=1693040803:RT=1693040803:S=ALNI_MaS9QhqBIsUZDiMn7CfL-ZwY4JFOg
.doubleclick.net/	1970-01-20 23:38:56	Name: IDE Value: AHWqTUm7ZdY89-7LegipTTrAhk6tuoaGCOY3p_b5G-EY0rp3Jlbu1esFhTk69-19
.casalemedia.com/	1970-01-20 23:02:56	Name: CMID Value: ZOnApBwPRcfuKpfl-8MzCgAA
.casalemedia.com/	1970-01-20 16:26:56	Name: CMPS Value: 5152
.casalemedia.com/	1970-01-20 16:26:56	Name: CMPRO Value: 5152
.adnxs.com/	1970-01-20 16:26:56	Name: uuid2 Value: 5638081101414477667
.adnxs.com/	1970-01-20 16:26:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>tq1j=C!@wnfH8K6pQK`!5=E<L5?%MY.Da@lgPZ/gmY*:4>grtYvpA29xwYLt(]`$%nugO%v4VB%nm_F)kq@u
.doubleclick.net/	1970-01-20 18:36:32	Name: APC Value: AfxxVi5gxQGEI5Fgg-tHem0ikmHCTcxPUCd8Dc-Ny2WnT7skaQTQzA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://tuongtacthuoc.hscc.vn/(Line 7) Message: The key "target-densitydpi" is not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
cdn.ampproject.org
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-4g5ednd7.c.2mdn.net
s0.2mdn.net
tpc.googlesyndication.com
tuongtacthuoc.hscc.vn
www.google.com
www.googletagservices.com
112.78.2.112
142.250.181.226
142.250.185.66
185.80.39.216
185.89.210.212
2a00:1450:4001:16::7
2a00:1450:4001:803::2002
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4026:808::2003
74.125.206.156
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20e30d9562d3bd90c32104cbabd0ce194b16d9510581aca10f3433614ce4b238
20ec55e764f09d132a679b2aa4ef98a9256b58b7a1a79f70dfec5e901160de75
230f33f0a0d0c268b53df49e11daeff40258fa1c73e0dbf2e84f53dd3776b222
2716b941d865f430d320f26b86aefb6d0b839fab49395bd9b1e5a1856b48eb4b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803
3568c67f83ef8b4773c6c6c6c8713dba1b0af4a0ba82a8493f68c2f62be74798
3a1f19bf18adcfe8c5b82415ce71447b94ba58888e7c6a9cb86aef8291414915
41e9fc153ab557bfb9bd6b60d8bcfee345e0373b7ea918641c11f7feb1633abd
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
46862bd03f96bd24aa144ecd892c910f1df88ee0381c34161cb27fa3dceda2f7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6900f65a80d9b4b445e2989d794d3f0cd36fa03999ff9716a6a79bf83d7ff351
730311fe453cbf37f68fefd56fee3530a4722ed549aa300699979fbeef6b0e0f
7c9898e809ba2721b9a31b38b166d74df665f29b60c3641a0040c364ff1ff42d
80db491f06fb396160791f64ec4ffe56935c95542c6db710030e3f96af5c2c98
91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1fa4bff548700cb9196a02d978d88177195b22e87dcac012378ecc3095db5cd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
bbbacde36b5fa585acf6ae8bf17df33051d78a65ff1c7a1263c7b8803c2f34af
c321d7aafc6f4e3c2d570d82146e07e632d113210df0da843cdd6685fb1c1a13
c6958d2e96e4b15c3b1185b876cbadb4257aa32067b7ba919ebb24e6f6ad7e44
c94c3c3aa036c04945e90d4ab0cec7b88bf879b51c015167c0e0be68172e8825
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
ddc9a2a2467b59b504f278117a89ad99d7cd445e056e683d5a6e1e4d98cc8b0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff782142728757957286f035526425c1bb89394a824802d2e8b83a1305c58575

tuongtacthuoc.hscc.vn Open in urlscan Pro 112.78.2.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

92 %HTTPS

67 %IPv6

12 Domains

19 Subdomains

18 IPs

5 Countries

4368 kBTransfer

5974 kBSize

10 Cookies

0 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tuongtacthuoc.hscc.vn Open in urlscan Pro
112.78.2.112 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

92 %
HTTPS

67 %
IPv6

12
Domains

19
Subdomains

18
IPs

5
Countries

4368 kB
Transfer

5974 kB
Size

10
Cookies

63 HTTP transactions
1 data transactions