tongdai-facebook-vietnam.fusimi.info Open in urlscan Pro
2606:4700:3030::ac43:ab2c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tongdai-facebook-vietnam.fusimi.info/
Submission: On February 21 via api (February 21st 2024, 7:44:30 pm UTC) from US — Scanned from US

Summary HTTP 87 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 10 domains to perform 87 HTTP transactions. The main IP is 2606:4700:3030::ac43:ab2c, located in United States and belongs to CLOUDFLARENET, US. The main domain is tongdai-facebook-vietnam.fusimi.info.
TLS certificate: Issued by GTS CA 1P5 on February 19th 2024. Valid for: 3 months.

This is the only time tongdai-facebook-vietnam.fusimi.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3030::ac43:ab2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
26	2607:f8b0:400... 2607:f8b0:4006:824::2006	15169 (GOOGLE) (GOOGLE)
3 4	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	68.67.179.153 68.67.179.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
87	15

6 2606:4700:3030::ac43:ab2c (United States)

ASN13335 (CLOUDFLARENET, US)

tongdai-facebook-vietnam.fusimi.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4006:824::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.194 (Queens, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.153 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.70 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	550 KB
26	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	458 KB
13	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 ad.doubleclick.net — Cisco Umbrella Rank: 149	110 KB
6	fusimi.info tongdai-facebook-vietnam.fusimi.info	111 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 ajax.googleapis.com — Cisco Umbrella Rank: 434	37 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	3 KB
3	gstatic.com www.gstatic.com	17 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	63 KB
87	10

	Domain	Requested by
26	s0.2mdn.net	tongdai-facebook-vietnam.fusimi.info s0.2mdn.net
19	pagead2.googlesyndication.com	tongdai-facebook-vietnam.fusimi.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
14	tpc.googlesyndication.com	googleads.g.doubleclick.net tongdai-facebook-vietnam.fusimi.info tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com tongdai-facebook-vietnam.fusimi.info googleads.g.doubleclick.net
6	tongdai-facebook-vietnam.fusimi.info	tongdai-facebook-vietnam.fusimi.info
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net s0.2mdn.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	ad.doubleclick.net	tongdai-facebook-vietnam.fusimi.info
1	ajax.googleapis.com	s0.2mdn.net
1	www.googletagmanager.com	tongdai-facebook-vietnam.fusimi.info
87	14

This site contains links to these domains. Also see Links.

Domain
tongdaichamsoc365.com

Subject Issuer	Validity	Valid
fusimi.info GTS CA 1P5	`2024-02-19` - `2024-05-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://tongdai-facebook-vietnam.fusimi.info/
Frame ID: 93744763845504EF992015A6427EC0D7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/zrt_lookup_fy2021.html
Frame ID: 98B295B61E074A8CC29C21BB3CF5485C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1701883373440980&output=html&adk=1812271804&adf=3025194257&lmt=1708488758&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x540_l%7C404x540_r&format=0x0&url=https%3A%2F%2Ftongdai-facebook-vietnam.fusimi.info%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708544662715&bpp=1065&bdt=375&idt=1531&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7197568916391&frm=20&pv=2&ga_vid=1665702588.1708544664&ga_sid=1708544664&ga_hid=7943178&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081080%2C44795922%2C95324580%2C95325069%2C31081301%2C95324154%2C95324161%2C95324434&oid=2&pvsid=2695343763223474&tmod=1040327058&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1567
Frame ID: 3062D4CEDDF5F9D94C349FD4941F02DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 23200611C8FBB913D0FBE2F1CC6111DA
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2B3F21470507F816301C64DAE00E1108
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhjE_Y3eATAB&v=APEucNU18G0nycndnWi_c8qQD3FynF3kR07iS6AcDdezc4WNoEohon5peGIbd2lXq4d3baLgylBZ0XXVhs6zxT6RhHHtT3pNDg
Frame ID: D876B6D67D870F23D1E547DB8E6E316D
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: F517BA957182198BCA3DD4FDA094F274
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F5BE75EE7F5897B1971E7562BD7989BB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 530D595B10AE447E791F9CD027452E68
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1F249B4B43E8A254EBA365AEFFB4903C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
Frame ID: 03AEE11053DCE9B27990E7A8C92CFD63
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Frame ID: B673EDAFC859CE602A66825307F4D315
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
Frame ID: 193509797BFCA91B5E4570BC32728188
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1027F87A0564F9A18BA14F619C2E6BCE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C58B97C381B350EA7EF552A0CA5D607
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cổng thông tin - Tin tức và blog

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

95 %
HTTPS

71 %
IPv6

10
Domains

14
Subdomains

15
IPs

1
Countries

1349 kB
Transfer

3752 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tongdaichamsoc365.com/fb
Title: Hotline fb

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1dJCEYcpypQjnPlyy-iig&google_cver=1

Request Chain 29

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdZSmdHM768AAEPRAE20vwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1dJCEYcpypQjnPlyy-iig&google_cver=1

Request Chain 30

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENrk-21bpk1dzdV3PwUFXD4&google_cver=1

Request Chain 31

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NjcwNDE0NzExMzc3ODg0MQ%3D%3D

Request Chain 44

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

87 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tongdai-facebook-vietnam.fusimi.info/ 23 KB
7 KB 1303ms
1158ms Document
text/html 2606:4700:3030::ac43:ab2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ab2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

719ebaa7a8e79cf3378f1bbc2daac1eecb7a8347b867691c271a75561211503d

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85917bc47d19747b-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 21 Feb 2024 19:44:22 GMT
last-modified: Wed, 21 Feb 2024 04:12:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAzt%2Fv96pHcyiRSkjT90aJeFVwHFYkZdF5kWQRI%2B5C8pLFxcpSweTk5jjOMxc0A45K2MXCWPws%2BCaf6euCPzgOfP7flcnqn5i8eQly8U%2FN3585iWqcfARj2f2hWl0xt%2FPM%2F0z58CYqmgrqIh2v5CTS2l9h59IJ5K5wAATSwIXZZnunE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
vary: Accept-Encoding
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always

GET
H2 200 main.css
tongdai-facebook-vietnam.fusimi.info/Themes/css/ 315 KB
45 KB 1400ms
1397ms Stylesheet
text/css 2606:4700:3030::ac43:ab2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tongdai-facebook-vietnam.fusimi.info/Themes/css/main.css

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ab2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cac9ff1aa88cd372a85fb9b518a644d6cb2cf14c42a197538eeb8726e6d31661

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:23 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Feb 2024 03:28:45 GMT
server: cloudflare
etag: W/"65d56ded-4eac9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57fhPt7vq0Nl%2BDgxJhKeGZSGLRV%2F8isf9f%2BPeziJNS73JLbaNF6s6xv5yy7QzSqzpiuo6wlXMXMlu4kdw%2Br7nzkKt9ddbDERvCjIYGEZdDsRweE4sG4iv1dfbUQPyO%2FJ2BwtLwtFeZTVtnNRmcyGO%2Bnsn3KNG7qbPxdy9xNX9x0Uos0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 85917bcbdb23747b-MIA
expires: Thu, 20 Feb 2025 19:44:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 243ms
107ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1701883373440980

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51c20179410b130c00ff5a394318db785a9a898c8e1ad2ba99d3e223ef09604b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tongdai-facebook-vietnam.fusimi.info/
Origin: https://tongdai-facebook-vietnam.fusimi.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51045
x-xss-protection: 0
server: cafe
etag: 11673159462332752204
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 21 Feb 2024 19:44:22 GMT

GET
H3 200 ring.png
tongdai-facebook-vietnam.fusimi.info/Themes/image/ 952 B
2 KB 1088ms
1087ms Image
image/png 2606:4700:3030::ac43:ab2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tongdai-facebook-vietnam.fusimi.info/Themes/image/ring.png

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ab2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c3669b8e2c8d60c9eb6b00acf6b79c7fa2d976ed3cb7ead7f4de59fbfd52fba

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:24 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 952
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Feb 2024 03:28:45 GMT
server: cloudflare
etag: "65d56ded-3b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcnXqHJCtN5erIt9LBg1lJd%2F5U9p9EiWgGLrT0HapD2rA%2B5tauO8%2FQbZ71sGA80Y%2BuIoPdBy0Y%2Bdz4Li%2BoFJAqssgQFvtKhbPVA0ft3YkR037tFjsSMJmAqwmb7KJU1oxp4gImjUukBp3JEwifF1t9Hl94X6wu9fZtzkk5MhOwJjYCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 85917bd31f634c31-MIA
expires: Thu, 20 Feb 2025 19:44:24 GMT

GET
H2 200 ring-icon-phone.png
tongdai-facebook-vietnam.fusimi.info/Themes/image/ 3 KB
3 KB 1063ms
1061ms Image
image/png 2606:4700:3030::ac43:ab2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tongdai-facebook-vietnam.fusimi.info/Themes/image/ring-icon-phone.png

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ab2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abf3708f9c84da1b66027974ac67be13d1fed87ca7ba4e5a5792bd993a8217d3

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:23 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2816
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Feb 2024 03:28:45 GMT
server: cloudflare
etag: "65d56ded-b00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGepLYbjEZLyxouuStzYTTSP2QpYVAC2aGVUTELt%2BfQQE8uiZpKCbIb34VoMvstGHTWlOFTr99bFCBVibIhLqE9IY4PRBmQ1E0XDbgLdwszX6UzMUkyXSOSz5Q2l5dYhmTBLkRE%2FLVwJs%2FN1AcV0IDBzSbOioXVWb8gY1paAIUQ2BnE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 85917bcbdb24747b-MIA
expires: Thu, 20 Feb 2025 19:44:23 GMT

GET
H3 200 home.js Show response
tongdai-facebook-vietnam.fusimi.info/js/ 269 KB
53 KB 1425ms
1425ms Script
application/javascript 2606:4700:3030::ac43:ab2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tongdai-facebook-vietnam.fusimi.info/js/home.js

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ab2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc361b8ba3e67da9ce4e4ef7da1a46a8181b7c5ad333599663e3c28f4eb24592

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:25 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Feb 2024 03:39:58 GMT
server: cloudflare
etag: W/"65d5708e-43452"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8R5baTgHpGt8XjU%2FPyxVFki7GOT2KYyimG8q7v2xNun0Nl6dMi4LgXasZpx3f%2FDKIrXm6ElwoZZyYxdi4J2%2BCkWVUowy1%2BjfxHE027vuFVbRhe47pyuOtltUdvdRQJv081RUeG3quWMUIN9WH13837WKFigVbtQ8gdaYEKuXjUh9nec%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 85917bd499324c31-MIA
expires: Thu, 20 Feb 2025 19:44:24 GMT

GET
H2 200 Toc.js Show response
tongdai-facebook-vietnam.fusimi.info/Scripts/js/ 778 B
723 B 1160ms
1159ms Script
application/javascript 2606:4700:3030::ac43:ab2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tongdai-facebook-vietnam.fusimi.info/Scripts/js/Toc.js

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ab2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f805401581229c436f09f3a613f91cb54d9cc15d3101243529c97373d59667fb

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:23 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Feb 2024 03:28:45 GMT
server: cloudflare
etag: W/"65d56ded-30a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tr9dEZUEVtqJM4ZQ7PR6I7TIE30x1kaD5Bf%2FSjwrJIySqHb5SYRclFNeMm1hCMjoaWGclmxpfsOv9MEN3E11bex181co2Y5V0NZLwlK2ZmdCplHZZecQbWLitsOhY7VSbf5Sfxntb0lOuMzZIl0Eqhw%2F5hKzyD1WwDDJs1eWd6KEqIo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 85917bcbdb25747b-MIA
expires: Thu, 20 Feb 2025 19:44:23 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 407 KB
138 KB 281ms
145ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081301

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1701883373440980

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f13624632e913d3810fff3a1d5d50ba10fe32614ca3cf7260858934eded5514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141307
x-xss-protection: 0
server: cafe
etag: 86074580579733411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 19:44:23 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/ Frame 98B2 9 KB
5 KB 202ms
62ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1701883373440980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tongdai-facebook-vietnam.fusimi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 11141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 16:38:41 GMT
etag: 3890843268177463596
expires: Wed, 06 Mar 2024 16:38:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
63 KB 246ms
102ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DXTFKQH

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

521f1acac405bfbb2c2bdc3b2a1bf1eb5eb37dd790074cbaebbdace94f05eba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63836
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 19:23:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Feb 2024 19:44:23 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3062 341 KB
96 KB 501ms
498ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1701883373440980&output=html&adk=1812271804&adf=3025194257&lmt=1708488758&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x540_l%7C404x540_r&format=0x0&url=https%3A%2F%2Ftongdai-facebook-vietnam.fusimi.info%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708544662715&bpp=1065&bdt=375&idt=1531&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7197568916391&frm=20&pv=2&ga_vid=1665702588.1708544664&ga_sid=1708544664&ga_hid=7943178&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081080%2C44795922%2C95324580%2C95325069%2C31081301%2C95324154%2C95324161%2C95324434&oid=2&pvsid=2695343763223474&tmod=1040327058&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1567

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d122ecd8b8b474fa41fc4ca0f5df8aa78a103a959556b3942f951ea07ed581b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tongdai-facebook-vietnam.fusimi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 98259
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 19:44:24 GMT
expires: Wed, 21 Feb 2024 19:44:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 148ms
148ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=Header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 166 KB
56 KB 113ms
113ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/reactive_library_fy2021.js?bust=31081301

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081301

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edcfba1e48e0a70116934e9978bc4a5d95d69f8823567674bd7bc0111db0d206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57346
x-xss-protection: 0
server: cafe
etag: 11169182839904156809
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 19:44:24 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/ Frame 2320 9 KB
4 KB 67ms
65ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081301

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tongdai-facebook-vietnam.fusimi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 16:53:24 GMT
etag: 3890843268177463596
expires: Wed, 06 Mar 2024 16:53:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/ Frame 2B3F 9 KB
4 KB 64ms
63ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081301

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tongdai-facebook-vietnam.fusimi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 16:53:24 GMT
etag: 3890843268177463596
expires: Wed, 06 Mar 2024 16:53:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2320 5 KB
1 KB 223ms
77ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 19:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 18:57:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 19:44:25 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2320 205 B
296 B 207ms
66ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:50:03 GMT
x-content-type-options: nosniff
age: 503662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 23:50:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2320 604 B
1 KB 205ms
65ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:16:08 GMT
x-content-type-options: nosniff
age: 559697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 08:16:08 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 2320 15 KB
7 KB 201ms
63ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 21:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 21:56:38 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 2320 22 KB
9 KB 207ms
70ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 17:01:14 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D876 624 B
246 B 102ms
101ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhjE_Y3eATAB&v=APEucNU18G0nycndnWi_c8qQD3FynF3kR07iS6AcDdezc4WNoEohon5peGIbd2lXq4d3baLgylBZ0XXVhs6zxT6RhHHtT3pNDg

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 19:44:25 GMT
expires: Wed, 21 Feb 2024 19:44:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F517 172 KB
61 KB 202ms
62ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 20:44:48 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame F517 8 KB
3 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 16:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 16:59:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame F517 23 KB
9 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 22:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 22:41:13 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F517 41 KB
14 KB 205ms
125ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F517 3 KB
1 KB 223ms
143ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F517 20 KB
8 KB 159ms
79ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F517 204 KB
61 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 18:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 19:51:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F517 42 B
63 B 133ms
132ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BG47iYMUVzYGyQI52C3Bzdi3E1sQFjODPLNd-R_ecT7EeWUSCSJran7Ujf_7nJcPynYzzxiA6-JOAW1VZwsylYNIZQ8Y9WkcxSyPPo_FwKj0--W-I

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D876
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1dJCEYcpypQjnPlyy-iig&google_cver=1

43 B
773 B

77ms
76ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1dJCEYcpypQjnPlyy-iig&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhjE_Y3eATAB&v=APEucNU18G0nycndnWi_c8qQD3FynF3kR07iS6AcDdezc4WNoEohon5peGIbd2lXq4d3baLgylBZ0XXVhs6zxT6RhHHtT3pNDg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4p%2FYgqWgkkAh5wkiST2zvBVPGm8QSVrayyiMvi4FDULtV7ZPIIDzfYc3Q9E%2Faj8TSQkTyrYUSEQQh7lRQPxcu6OGAd3k79ia2RtWX3tgBPqh2QGqBIpqrbrq%2F%2Bm8bOSC4SHUr%2FSFOCdnDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85917bdfe88a4bff-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1dJCEYcpypQjnPlyy-iig&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D876
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdZSmdHM768AAEPRAE20vwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1dJCEYcpypQjnPlyy-iig&google_cver=1

43 B
736 B

75ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1dJCEYcpypQjnPlyy-iig&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhjE_Y3eATAB&v=APEucNU18G0nycndnWi_c8qQD3FynF3kR07iS6AcDdezc4WNoEohon5peGIbd2lXq4d3baLgylBZ0XXVhs6zxT6RhHHtT3pNDg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXou6ig2zQsbxd11%2FrIyUQwLKi1ShC3iNhEE7SHMYyeVxjaPiwix5czk9nWvF%2BemhVsSf8NTAL0%2BmY6mmNzrlfRN%2F%2B4zzFYDpeRjkgAH%2BhhlV40kkIgpvwkO7yrdCPisecFczPiERsQRDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85917be0a9ba4bff-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC1dJCEYcpypQjnPlyy-iig&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D876
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENrk-21bpk1dzdV3PwUFXD4&google_cver=1

43 B
1 KB

76ms
73ms

Image
image/gif

68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENrk-21bpk1dzdV3PwUFXD4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhjE_Y3eATAB&v=APEucNU18G0nycndnWi_c8qQD3FynF3kR07iS6AcDdezc4WNoEohon5peGIbd2lXq4d3baLgylBZ0XXVhs6zxT6RhHHtT3pNDg

Protocol

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:25 GMT
an-x-request-uuid: eea724ea-f130-4f13-b2dc-aa55309f0de8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.68; 38.132.118.68; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENrk-21bpk1dzdV3PwUFXD4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D876
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NjcwNDE0NzExMzc3ODg0MQ%3D%3D

170 B
243 B

81ms
81ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NjcwNDE0NzExMzc3ODg0MQ%3D%3D

Requested by

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:25 GMT
an-x-request-uuid: b1fc64d0-2da2-405d-8920-7ef984d1367c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NjcwNDE0NzExMzc3ODg0MQ%3D%3D
x-proxy-origin: 38.132.118.68; 38.132.118.68; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F5BE 14 KB
1 KB 78ms
77ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 19:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 18:16:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 19:44:25 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F5BE 2 KB
902 B 64ms
62ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 16:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 16:59:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame F5BE 23 KB
9 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 13:15:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 530D 143 B
166 B 66ms
65ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 18:51:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F5BE 3 KB
1 KB 78ms
75ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F5BE 20 KB
8 KB 72ms
69ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F5BE 204 KB
61 KB 67ms
65ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 18:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 19:51:19 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame F5BE 36 KB
15 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:31:33 GMT

GET
DATA 200
OK truncated
/ Frame F517 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49f4c18d62a33d6c0703a69fb7163543e4aba36645d258a224eb576dd6cedf1f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1F24 38 KB
13 KB 76ms
68ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 490961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18264978128295342468/ Frame 03AE 7 KB
1 KB 208ms
77ms Document
text/html 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f11d6d9f625a068ef103361647fdf8777bca62da6468271c0c7a09a725ce9b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1232
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 19:44:25 GMT
expires: Thu, 20 Feb 2025 19:44:25 GMT
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F517 0
0 292ms
141ms Fetch
image/gif 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst3PCvgLMnDneyHwzrjCiRU9iCeCt4GlYu2GDFefY5Yg7-wIaQQcpoBmhphdIfQROWXKMmb4ik99KPRu-3YM73YvEP2cliD4VjfysO7tr3AvIYmdiFmCKRJAmqunENNXcU27OX0HBUB3O3g-aElKJLMJlkWq5JQHtwWjrZMul3ZZ8GzT76mwVPE04UWjV5jtIkNOIb3c-WuVDHt0SoEE0_Bn_0luGRYPbC72J4yHk7xxj-Hlf-egglkZTBMBudjwJZVolBXL-JKix48bNIB0QHnJhQco0K1OVh--wcaP8QOiNpWpGIBeymLF-RSYY0ei9_26hQog1_EYnX7S7iJ5zhzfUswHwXdcimAjUVrPgeITAJDTQoDkMGqjzsQrDZ-XGmzhQ7imo8iak-uEMA6ujrlz7-EV_CPDgn_GELjoC3QfiDwmQ4FG3Wm7T8V2l48keMJOq8825PDKj-JYS7zFX_i1DDHQhcQeHOF0mI2_JIl87Hl7LDligCWXqcGDeLxyIRBE8LKCz-B6MGnCrtkgRitIWYqYbYd9kYW9rbbbqmLYG5alSU3Jm3oh28NUkJV9w2aA9IInpNfuZ9kOkKWK3WoF8dePi7wXwJFfm3Rs70BKdEBPdadDtVYCK91KcDvOcdKgPBwSvX1g_mJjdYnhmLVA4R3XvqRZgsTT_InCUMitf7GHYB18M-vEq_ZEHZ9GUgTzX_1mn8i1ZfH2ZrbTu2i5f5ATkkjPWDAQx4LUd-vMnHSfroD6_yZfIqN0UUmuuHXytD6s0JmdNQHXJNfOTwcqkzuM2USf2Y5H2JXjbNM4FBWxGhHFsMCXIur8SrirKo5k2MXB4O6LbmbDC0p1XC8hFsf34LD5ZYXYWGlSiMtbKXLGrq0ygBfaQe130_HdLIPBrReCmgbJJxBWUs0C9-cKLCxBZ4j5yM4R6syGUDLe8-2Ft3R6drrvKkl7GHNZM2tMvVk94nUX4mbw3o4kPcndfI65o4wUjJvzjCFF4LXyTo1piCp_RHVFNDcQtE1jf3kA2tzbws4aY8QYwaBpNB3XwWyM16IYFfuCR7cxvjoJdOamUJT8CXaNZL6j3geDm3PzE3lDHoW9QI3d22csefuD1hR5L18RvoiqgfKYqwT3n47xucNcYS103NiJ9HGQUg8Ph-uPyKYxA3l83BAnD7r8eDVxdjrshSRSwnFsnJOkVFgZJEaeK8fpJWTuoeZLP4YEuldERIx4dnZ38txJ80Pfc35crrN_lpEB4OsRI6Y3ueYlw2gypmcA_CdWZlvniRgWloejQLdzMVQfC1AGIORoOCG1Tc6UH785vnSusbt2FHQoyx5g4nWfi7mLa1BqxJk2Qf8cB_cKbRLt7gSJA5mcX3PtmQCCUGEjvbWsbR-aewLjK1U-UUc9ZSuTwPNmWMwTQEZD8Ncn_H6X0lJ6RaNyxfCQv729_-_3QN-JuHvbwf1Q6RWlQhnWCNOvA2mq7N5rOhOEUG8ULDqav-crxCEL_nLgROOAs2Vm9P96L61xdsyWmleqn-nOTdg&sai=AMfl-YQwgr6SXaUSbYy0-vla4Th79cCtXR5y3L09RO8WuxnLV1rdJDcBfYs7thKyopa1wQz8oMPwPNzUlvjyUboeM37U3aR4HVEOdprCKagUDVgZD9uOnxzpH9CyfggtpyJLuiLZ93nJbufn01hSlsaKNa_r8wV3GexOcYupkr0_yHe0B0WK2m-pY12ZYbmED9ixT457JCFGPKYGd0CWetuVE2UDRmUspUww__VfK-XzBpbW64QagJTb5OcVpNFJv2BNAOxYGv6u_Gl64tR37Y74CniPJ8mqDfdYhmRtkTQ1M4ZrYYiY3zAumUiE9xgejAUc4UGUkUBqQBgzvvRr0jkRcf6CR5J8VKMyPaff8OTudSH0qKhuddoU-nfMHE2YLpJuuh7JvvNIoP-FJVfbj3VHCYn2C7etDN8fQyfnnM1pwsSu0kNAH2UzcAMfVxBaOMiN6xRF7Og-lU4ooIbDiE3-KXXDwjjB9PmxtEjY__bfYyQj4rj5ewALYXCJWO7FpiGWXXIgHg&sig=Cg0ArKJSzJSvukjUNFPKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zZXBob3JhLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=414&cbvp=1&cstd=399&cisv=r20240215.84183&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 19:44:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Feb 2024 19:44:25 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 530D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

90ms
89ms

Document
text/html

2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 19:44:25 GMT
expires: Wed, 21 Feb 2024 19:44:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 19:44:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B673 51 KB
19 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 10:02:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19867
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Feb 2025 10:02:17 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F24 39 KB
15 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:08:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:08:05 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 03AE 5 KB
693 B 83ms
81ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60069ed58329b14df22602af8d7838a66a19567ccbacd15923651bcc90d99eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 19:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 19:39:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 19:44:25 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 03AE 95 KB
34 KB 215ms
68ms Script
text/javascript 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 17:15:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 17:15:52 GMT

GET
H3 200 jquery.bxslider.min.js Show response
s0.2mdn.net/sadbundle/18264978128295342468/js/ Frame 03AE 19 KB
5 KB 67ms
66ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/js/jquery.bxslider.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

550cb2681979e286f4588c97ac60ee8e04734f672eb9eb5782ba234de66b02d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 17:15:34 GMT
date: Thu, 15 Feb 2024 17:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5193
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 jquery.bxslider.css
s0.2mdn.net/sadbundle/18264978128295342468/css/ Frame 03AE 4 KB
1 KB 68ms
67ms Stylesheet
text/css 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/css/jquery.bxslider.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faa04c655b128f3850fc880a247b11f9374e1975abf4da8e1f989f75c1a588c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 11:27:14 GMT
date: Thu, 15 Feb 2024 11:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 548231
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1188
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 jquery.textfill.min.js Show response
s0.2mdn.net/sadbundle/18264978128295342468/js/ Frame 03AE 3 KB
1 KB 71ms
70ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/js/jquery.textfill.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96e5069601f3917388bea9bec38329bd281dd952dec19aa68e7404995ebfcca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 18:28:19 GMT
date: Thu, 15 Feb 2024 18:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1190
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 style.css
s0.2mdn.net/sadbundle/18264978128295342468/css/ Frame 03AE 9 KB
2 KB 74ms
72ms Stylesheet
text/css 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ffeb32cb8ed889a47f30c1f4424ecab709ee24055530488ad466c2a21817955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 18 Feb 2025 19:33:08 GMT
date: Mon, 19 Feb 2024 19:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2345
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 jquery.rateyo.css
s0.2mdn.net/sadbundle/18264978128295342468/css/ Frame 03AE 896 B
365 B 75ms
73ms Stylesheet
text/css 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/css/jquery.rateyo.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46f61376900a925367b589226ece46a524bc26b5eb674d9312a01ed4ea73149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 18:25:35 GMT
date: Thu, 15 Feb 2024 18:25:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 jquery.rateyo.min.js Show response
s0.2mdn.net/sadbundle/18264978128295342468/js/ Frame 03AE 9 KB
4 KB 95ms
93ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/js/jquery.rateyo.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a733ddf320f1b2dfeabec224e80b4f3bd2a74d127de1d5db5e09b512eafff503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 15:17:57 GMT
date: Thu, 15 Feb 2024 15:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534388
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4327
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 03AE 120 KB
41 KB 70ms
69ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 21:58:16 GMT

GET
H3 200 cta_white_arrow.png
s0.2mdn.net/sadbundle/18264978128295342468/img/ Frame 03AE 3 KB
3 KB 133ms
132ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/img/cta_white_arrow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7906c041872372ef50dcef069befbfd081c4548bb84ff12449ed458d91c3b299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 14:43:20 GMT
date: Thu, 15 Feb 2024 14:43:20 GMT
x-content-type-options: nosniff
age: 536465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2884
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sephora-logo-black.svg
s0.2mdn.net/sadbundle/18264978128295342468/img/ Frame 03AE 2 KB
1 KB 135ms
134ms Image
image/svg+xml 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/img/sephora-logo-black.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddeaee327eda6acd35de8687c29ed65db0a6092cb432e5768d6dacc81415ef92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 14:15:32 GMT
date: Thu, 15 Feb 2024 14:15:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 border.png
s0.2mdn.net/sadbundle/18264978128295342468/img/ Frame 03AE 3 KB
3 KB 69ms
68ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/img/border.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db2b1f1dc7d225711c85f09a2cdaae3ba3900cba74bb08f0b212b406fa453c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 07:57:37 GMT
date: Thu, 15 Feb 2024 07:57:37 GMT
x-content-type-options: nosniff
age: 560809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3316
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sephora-loading.gif
s0.2mdn.net/sadbundle/18264978128295342468/img/ Frame 03AE 20 KB
20 KB 69ms
68ms Image
image/gif 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/img/sephora-loading.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcf7bcdc590a7ad2136049764fa6ee56b20c333e45c1d17b8b7f6415cde212a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 15 Feb 2025 08:00:20 GMT
date: Fri, 16 Feb 2024 08:00:20 GMT
x-content-type-options: nosniff
age: 474246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20831
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 initial.js Show response
s0.2mdn.net/sadbundle/18264978128295342468/js/ Frame 03AE 24 KB
4 KB 64ms
63ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/js/initial.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a8a52511ff233cf8c6788bc9391300ab4c72317b5e1e952da6742eebc5e3ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 20 Feb 2025 17:00:49 GMT
date: Wed, 21 Feb 2024 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9817
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4534
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F24 0
20 B 138ms
137ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOPnVmFLWZc2QFu-OvPIP9IKw4AIAAAAAOAHgBAI&bg=!jo2ljcLNAAZN4L4YbeA7ADQBe5WfOEyDYlekF82_wfip_e5CLqm-rVoU1iqj0CiBVE3hIqqzjuGu42FlseO58cfhfg8vAgAAAKFSAAAABWgBB5kDLKVdzJUDwYgXQjwgXFrvCmeXrk08t-O2pq9gN3EXKqFNM2OyYlbNeeZwAhXtppx2tlqaIZqvifGjOu0VvYuRiRwvgCwenfRv-GbBA5tzUXcGlhWKjNpYZ-crltHpqB2EWmdLCYhkwQyOV9fi9lJuK5XhxzNxVAGE8NEE6GlivhbO5JpGvpWuWWSTbPHzYdj0KsxE8-cl4IMjJq6nIjeahoiid2cNN9_I9Egp3CjIDQpy9KISywwTx0fHBOGVuczTlvbZRZKpDfUMFfBuJaAVKYqjN1NzyLmnKiR2ycPcyQjsHy0ckjv52gS_S5EG0pg3lADv58dNxyB43Hef8jTn9cT9ITnyTYH06O93I0ppTayfSCqzBsb77ApCFqwrYraGzsdPtksBFeyWUnyXW9WSPP9m0sN5Rx0PWI4aTFccQIB1o239WDojCpcfRBSxFFlKgOPV-VKX867_QL1SlJ54HIqONeVMHWGQEN0YIAvCE0PwNypPXbsbdN5vKy_4Acfe-pi7qX-N8uuVCciLy4NuGZ-U3_VYVjrAv1NcalxtmfdV6KOJjZ67--9vgaYx2xaX2CR2ldGc49sVmjitYBbjpZquQ9ec8Wr75ZC_8WBWWdD7oKEYjs4yuNL-IJM5tV8el2J6d1Wmb4IAinoE3jogr_15oOGKPx4jDeriFDecWEJ8ToZa7meOsqansEYscSLluGjUr7yvgGiG23Vk5AKtk2J8PIL8BnerkYH_1s1j8v9Md2TPKd9FeEvpudzPmNWIsffyH0oykCgfWyU2c1hREVW7xUJSJes4d3aIakwEFFak185KpOtRz2vcao7jlQDoBkKFGzryPWkkrFXwSNtm1AxSiIcZ_HrYVRcJFMHhPtd2yy8EfSE-q7Qiqd2PNTUbgifPHORrLIsKyPgNhz-61pFONb4BDEFbBsR3_Vd_ii-qrUppATwvgS9osPEQR117W7QS9xbsvP3NtSwax2SmXOtYXMdKUYv8b2SP1UkuIVOEDg1INl80ZzHanx2SYOa58TtuSx3mAF7A_RIK_8jyNzkNpN2pcQRrcbS_C0AH0RWlOL3LCouGFfn3s1Rs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Futura-Med.otf
s0.2mdn.net/sadbundle/18264978128295342468/fonts/Futura/ Frame 03AE 69 KB
47 KB 65ms
64ms Font
font/otf 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/fonts/Futura/Futura-Med.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44eef348292128bbc1834688a43068e5a8417dec106542bee6b31d78775a6406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 13:54:04 GMT
date: Thu, 15 Feb 2024 13:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47953
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 bx_loader.gif
s0.2mdn.net/sadbundle/18264978128295342468/img/ Frame 03AE 8 KB
8 KB 78ms
77ms Image
image/gif 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/img/bx_loader.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/css/jquery.bxslider.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/css/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 05:40:47 GMT
date: Thu, 15 Feb 2024 05:40:47 GMT
x-content-type-options: nosniff
age: 569019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Left_Arrow.svg
s0.2mdn.net/sadbundle/18264978128295342468/img/ Frame 03AE 188 B
203 B 76ms
76ms Image
image/svg+xml 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/img/Left_Arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/css/jquery.bxslider.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1930ade9d196235872eecf2f23d675846ba2afedc0091353d55c34273eb8e541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/css/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 06:12:20 GMT
date: Thu, 15 Feb 2024 06:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567126
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Right_Arrow.svg
s0.2mdn.net/sadbundle/18264978128295342468/img/ Frame 03AE 173 B
196 B 77ms
76ms Image
image/svg+xml 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/img/Right_Arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/css/jquery.bxslider.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de1f733280a700db3a6a614d2384950ddbc4f6272de15dbb4ff2c665f0b66137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/css/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 20:25:51 GMT
date: Thu, 15 Feb 2024 20:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515915
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 03AE 8 KB
6 KB 103ms
102ms XHR
application/json 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e738234335a7be4ccc3a3a4ed4e39dc840e13d32bd3a7e26fb19495da0149cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5958
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F517 0
0 134ms
133ms Fetch
image/gif 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst3PCvgLMnDneyHwzrjCiRU9iCeCt4GlYu2GDFefY5Yg7-wIaQQcpoBmhphdIfQROWXKMmb4ik99KPRu-3YM73YvEP2cliD4VjfysO7tr3AvIYmdiFmCKRJAmqunENNXcU27OX0HBUB3O3g-aElKJLMJlkWq5JQHtwWjrZMul3ZZ8GzT76mwVPE04UWjV5jtIkNOIb3c-WuVDHt0SoEE0_Bn_0luGRYPbC72J4yHk7xxj-Hlf-egglkZTBMBudjwJZVolBXL-JKix48bNIB0QHnJhQco0K1OVh--wcaP8QOiNpWpGIBeymLF-RSYY0ei9_26hQog1_EYnX7S7iJ5zhzfUswHwXdcimAjUVrPgeITAJDTQoDkMGqjzsQrDZ-XGmzhQ7imo8iak-uEMA6ujrlz7-EV_CPDgn_GELjoC3QfiDwmQ4FG3Wm7T8V2l48keMJOq8825PDKj-JYS7zFX_i1DDHQhcQeHOF0mI2_JIl87Hl7LDligCWXqcGDeLxyIRBE8LKCz-B6MGnCrtkgRitIWYqYbYd9kYW9rbbbqmLYG5alSU3Jm3oh28NUkJV9w2aA9IInpNfuZ9kOkKWK3WoF8dePi7wXwJFfm3Rs70BKdEBPdadDtVYCK91KcDvOcdKgPBwSvX1g_mJjdYnhmLVA4R3XvqRZgsTT_InCUMitf7GHYB18M-vEq_ZEHZ9GUgTzX_1mn8i1ZfH2ZrbTu2i5f5ATkkjPWDAQx4LUd-vMnHSfroD6_yZfIqN0UUmuuHXytD6s0JmdNQHXJNfOTwcqkzuM2USf2Y5H2JXjbNM4FBWxGhHFsMCXIur8SrirKo5k2MXB4O6LbmbDC0p1XC8hFsf34LD5ZYXYWGlSiMtbKXLGrq0ygBfaQe130_HdLIPBrReCmgbJJxBWUs0C9-cKLCxBZ4j5yM4R6syGUDLe8-2Ft3R6drrvKkl7GHNZM2tMvVk94nUX4mbw3o4kPcndfI65o4wUjJvzjCFF4LXyTo1piCp_RHVFNDcQtE1jf3kA2tzbws4aY8QYwaBpNB3XwWyM16IYFfuCR7cxvjoJdOamUJT8CXaNZL6j3geDm3PzE3lDHoW9QI3d22csefuD1hR5L18RvoiqgfKYqwT3n47xucNcYS103NiJ9HGQUg8Ph-uPyKYxA3l83BAnD7r8eDVxdjrshSRSwnFsnJOkVFgZJEaeK8fpJWTuoeZLP4YEuldERIx4dnZ38txJ80Pfc35crrN_lpEB4OsRI6Y3ueYlw2gypmcA_CdWZlvniRgWloejQLdzMVQfC1AGIORoOCG1Tc6UH785vnSusbt2FHQoyx5g4nWfi7mLa1BqxJk2Qf8cB_cKbRLt7gSJA5mcX3PtmQCCUGEjvbWsbR-aewLjK1U-UUc9ZSuTwPNmWMwTQEZD8Ncn_H6X0lJ6RaNyxfCQv729_-_3QN-JuHvbwf1Q6RWlQhnWCNOvA2mq7N5rOhOEUG8ULDqav-crxCEL_nLgROOAs2Vm9P96L61xdsyWmleqn-nOTdg&sai=AMfl-YQwgr6SXaUSbYy0-vla4Th79cCtXR5y3L09RO8WuxnLV1rdJDcBfYs7thKyopa1wQz8oMPwPNzUlvjyUboeM37U3aR4HVEOdprCKagUDVgZD9uOnxzpH9CyfggtpyJLuiLZ93nJbufn01hSlsaKNa_r8wV3GexOcYupkr0_yHe0B0WK2m-pY12ZYbmED9ixT457JCFGPKYGd0CWetuVE2UDRmUspUww__VfK-XzBpbW64QagJTb5OcVpNFJv2BNAOxYGv6u_Gl64tR37Y74CniPJ8mqDfdYhmRtkTQ1M4ZrYYiY3zAumUiE9xgejAUc4UGUkUBqQBgzvvRr0jkRcf6CR5J8VKMyPaff8OTudSH0qKhuddoU-nfMHE2YLpJuuh7JvvNIoP-FJVfbj3VHCYn2C7etDN8fQyfnnM1pwsSu0kNAH2UzcAMfVxBaOMiN6xRF7Og-lU4ooIbDiE3-KXXDwjjB9PmxtEjY__bfYyQj4rj5ewALYXCJWO7FpiGWXXIgHg&sig=Cg0ArKJSzJSvukjUNFPKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zZXBob3JhLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1059&vt=11&dtpt=645&dett=3&cstd=399&cisv=r20240215.84183&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tongdai-facebook-vietnam.fusimi.info
URL: https://tongdai-facebook-vietnam.fusimi.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Feb 2024 19:44:26 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 176ms
175ms XHR
application/json 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240220&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eccce745fa1d8d0ede4371321c152fb834cae3f777e3aa3de2e8530ec9922408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12530
x-xss-protection: 0

GET
H3 200 Futura-Boo.otf
s0.2mdn.net/sadbundle/18264978128295342468/fonts/Futura/ Frame 03AE 68 KB
47 KB 65ms
64ms Font
font/otf 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/fonts/Futura/Futura-Boo.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10c9f367f83600f6cff5a079e12affcbee47c4ceb23d23a9b58043dbaa4e90f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 22:41:37 GMT
date: Thu, 15 Feb 2024 22:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47832
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 PlayfairDisplay-SemiBold.ttf
s0.2mdn.net/sadbundle/18264978128295342468/fonts/Playfair_Display/ Frame 03AE 189 KB
88 KB 84ms
83ms Font
font/ttf 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/fonts/Playfair_Display/PlayfairDisplay-SemiBold.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd1e129e61c556592432ebecf921dc3e54f23caa8b7f9d5668db90bbcad63756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 21:02:57 GMT
date: Thu, 15 Feb 2024 21:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90365
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Futura-Lig.otf
s0.2mdn.net/sadbundle/18264978128295342468/fonts/Futura/ Frame 03AE 67 KB
46 KB 74ms
74ms Font
font/otf 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18264978128295342468/fonts/Futura/Futura-Lig.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18264978128295342468/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01c7021fc918c6db285a14dd652f2d3c612761fd8b4fd26fa1d84a4e899a2438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 13:54:04 GMT
date: Thu, 15 Feb 2024 13:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46624
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:06:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s2495505-main-zoom.jpg-imwidth=450_1697137362153_s2495505-main-zoom.jpg
s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/ Frame 03AE 10 KB
10 KB 153ms
150ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/s2495505-main-zoom.jpg-imwidth=450_1697137362153_s2495505-main-zoom.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

980f37702dd256370ac7a54b27fd2016d21765d0bfa98a3842765f22e9c8d173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:13:16 GMT
x-content-type-options: nosniff
age: 505870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10305
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 19:04:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 23:13:16 GMT

GET
H3 200 s2734085-main-zoom.jpg-imwidth=450_1705690873415_s2734085-main-zoom.jpg
s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/ Frame 03AE 10 KB
10 KB 168ms
164ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/s2734085-main-zoom.jpg-imwidth=450_1705690873415_s2734085-main-zoom.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

399b233f3ac24ab2b77f55c6f8612579e6c2aa05b1a63f91023182059a2e5a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 11:23:53 GMT
x-content-type-options: nosniff
age: 548433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10432
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 19:02:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 11:23:53 GMT

GET
H3 200 s2371367-main-zoom.jpg-imwidth=450_1697029255878_s2371367-main-zoom.jpg
s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/ Frame 03AE 26 KB
26 KB 178ms
174ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/s2371367-main-zoom.jpg-imwidth=450_1697029255878_s2371367-main-zoom.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7262031b90a8bf9faab27b0316d4451cbdd2d5fb5004998c67b4dd1d043811a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 10:16:28 GMT
x-content-type-options: nosniff
age: 552478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26962
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 13:00:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 10:16:28 GMT

GET
H3 200 s2518959-main-zoom.jpg-imwidth=450_1697029255878_s2518959-main-zoom.jpg
s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/ Frame 03AE 16 KB
17 KB 171ms
168ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/s2518959-main-zoom.jpg-imwidth=450_1697029255878_s2518959-main-zoom.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21f523ca182f1c9b24613d26c9469aa33e78ad52c55bc05989e14fb40e76037f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:49:20 GMT
x-content-type-options: nosniff
age: 528906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16879
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 13:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 16:49:20 GMT

GET
H3 200 s2031391-main-zoom.jpg-imwidth=450_1697029255878_s2031391-main-zoom.jpg
s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/ Frame 03AE 9 KB
9 KB 167ms
166ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10994566/www.sephora.com/productimages/sku/s2031391-main-zoom.jpg-imwidth=450_1697029255878_s2031391-main-zoom.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc8722510b51d48fa2be43d27e96906a5c94238722df9088849d0388a7a3e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18264978128295342468/index.html?e=69&leftOffset=0&topOffset=0&c=31B5mbmF3p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 12:30:40 GMT
x-content-type-options: nosniff
age: 544426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9640
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 13:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 12:30:40 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 03AE 17 KB
6 KB 105ms
105ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:44:26 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 98ms
97ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081301

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:44:26 GMT

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1935 39 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:09:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1027 13 KB
5 KB 64ms
63ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tongdai-facebook-vietnam.fusimi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 85055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 20:06:51 GMT
expires: Wed, 19 Feb 2025 20:06:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2C58 829 B
996 B 86ms
84ms Document
text/html 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ae9849f039187475107b3ff11f264ab8bea4152072b8e32186b5f97164aba7ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-06l6HmGwa38NSw2yQeDMnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tongdai-facebook-vietnam.fusimi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-06l6HmGwa38NSw2yQeDMnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 19:44:26 GMT
expires: Wed, 21 Feb 2024 19:44:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1027 39 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:09:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2C58 0
0 133ms
131ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240220&jk=2695343763223474&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1027 0
10 B 64ms
63ms Image
text/plain 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ShfFwg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:44:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F517 42 B
64 B 138ms
137ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVLag63qUVjUMtUnm5jYeAvECPIjA4gAMnbBk50nGAdqUIt5jgJExjiSbWtaEuSMAUrlzTrDLnzFOaENLgPvliDstb_UrX8I2-BGvDNJEMkHoZpRbDsVlcvsVjwGAeTryNPfrtJtOQQF1yMWXS9MlDHkT6Xay0t08&sai=AMfl-YSWFfOgT83YtDmRcry8HcBOrt2Ht8eMPW75K28mvTp9HfQHCp38WnvMmF_ob7tPSR5-QTqVYtOl4l9DxYtIH288pAaQdvoiJlnKTLMD3E8bjncrnBKYNKKHRktvWftboElsBM1MN8MR1hNAncTh&sig=Cg0ArKJSzGafTDaMf8UQEAE&cid=CAQSTgAvHhf_cuCUstrhKX6cMgTx-5VMOM8aEfRNSjVUu5Iqv22KWs0GPUY0ovyeUWayIbWZw3oKgm0i1MYjrAZsoxVcse7PTyRPDbLpw0cKVhgB&id=lidar2&mcvt=1009&p=0,0,90,728&mtos=788,1009,1009,1009,1009&tos=788,221,0,0,0&v=20240220&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=447746500&rst=1708544665200&rpt=654&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 137ms
137ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240220&jk=2695343763223474&bg=!CwilCEfNAAZ3BdUuVwU7ADQBe5WfOICnuif5lxTGF0prdQmXks86loEib8H6PkFRbhny4CKdEhyhIfAJNOPknT_yjGALAgAAAG1SAAAABGgBBwoAdEKZTTB9RGtUNCgHEA-EAs1HbVRLaqvMrkthkO1uLwptEByhsq5anKbT0_pOLpRs-vw4Gbo2nO0OqPeqikLgVwuYLrDCUSYLbBJBEh2hy4VZUqVf4NEuLltwqij2EoEK0MHDZ5TZKkw8JFaW0uEYqvHzqSNCmQLfkZTPXOFvdxCC_G26Yg11IaDfEADFZK0zAlOhZMqqmTcb9Q1z74_f8KNZm3Zti31IFBAkGiOBjZG4yZzmIDZY-Gr6UqO2XDDLrZV0fGA2lnzOfjeurnFvtZHWZifRZEqRdLdyrMxfX80T64YIvPCP3wgOW3EK3xCwz9SCDOZoBUsReZrXMhYsdC4bJtw1bG5prOkJ_SA0yP7cwh0Ov_mJXHq1gBevhUcnzuMIsZfCozGaN5VMVH8cRGzFCHDrVxeH_ICjNQIqyfEd4DFa4CnIuC1ZL1MVKTab4WEBJBq8dC70ajogzCQgC63YHE87pocJnCMWtGNAix9wYtMU7eC2hcGwdaxG7kp6MH3_CjkL4f9kD_XBonx43Fr5i2Ey2tYGsVpp2TK5ldP5hWLGfu_JadgeWE1xVJyO92mOP6tsghx1516_BwNN3IjiqtFC_CCYCKA2lg1v3SRLGA_Q66cerpHEFsqqcBLYbGqCwoxIYVrP5yWwahaVNH2ArdzJvwVjnX5qFltgiMHX2SjKw7vOGoGKHYBM36Ut-7UytUc4j0kNfFfLh7zz-9QOjiMxljbKyh_UKN4AsNXONxtGkyIFwdNzwcYCOrxJVJ1ZXBMvknUs1UJzKyhS7864HXHJQRh5RHc7XzOazMsdgDaTHUNqTrgPaSWsEaS39sOLqpFwOZJp9tt5Ug23RIM0NQvaKwrDb7nGKennt-v1F5Vp-ZpthMbgKWRfrCGFV3ZtkKJnSaye4_vCojF7-eD3Ls0Cq5ihqleJiNiDcrZtoSlGUIFtSyMAQHVY7lJOB81KBJU7yzWTSxMp9hwGnjb4hcJjZhgsH8Rp5pdM77GaF0OWKZrVCWWX2nttFHsEWjX-PsZ6gF7l71EQibxt0LIap4YNCXFsa7fC3j7j4DiV9i8oA0fRUoeErADHZvg-JWdCIZzih1lkeJ29dS_3TB_yy-d77EmN58Xjlc8L2eWLTEngKyy2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongdai-facebook-vietnam.fusimi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fusimi.info/	1970-01-20 20:45:20	Name: _gcl_au Value: 1.1.1589081647.1708544664
.doubleclick.net/	1970-01-21 04:11:44	Name: IDE Value: AHWqTUkE85XB8UA1Fz3p9Ve3qMomHKY5mwon_rXEMhPypT547eB0EVC9lgyYKO9Z
.casalemedia.com/	1970-01-21 03:21:20	Name: CMID Value: ZdZSmdHM768AAEPRAE20vwAA
.casalemedia.com/	1970-01-20 20:45:20	Name: CMPS Value: 1485
.casalemedia.com/	1970-01-20 20:45:20	Name: CMPRO Value: 1485
.fusimi.info/	1970-01-21 03:57:20	Name: __gads Value: ID=17736b7c26ea079c:T=1708544664:RT=1708544664:S=ALNI_Mbl2QJv4cjmx8EWzpS07cOYQ20tWg
.fusimi.info/	1970-01-21 03:57:20	Name: __gpi Value: UID=00000dcbe973c4b9:T=1708544664:RT=1708544664:S=ALNI_MbQ6GpubW8cf7r4sJlDL1as31PMFQ
.fusimi.info/	1970-01-20 22:54:56	Name: __eoi Value: ID=c9ebbd3a22bd920d:T=1708544664:RT=1708544664:S=AA-Afjava6N_-oVnlfLm_kt2ai5b
.adnxs.com/	1970-01-20 20:45:20	Name: XANDR_PANID Value: FBnCtnbee-zbjXtk4Pb6z4PGTBUhx0TwOpvIu2RN42rpoethSiTPb_pOscTim-wGoFYugsnAos6aX1soHSLCal0P6Y_BG8so71ZcqpCaEiE.
.adnxs.com/	1970-01-21 04:11:44	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:45:20	Name: uuid2 Value: 4756704147113778841
.adnxs.com/	1970-01-20 20:45:20	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVPjBFnC!]tbPl1M>e)ZlrFUfJ+tGXxoL?:@[nD<bH#D:oRqUzTF>[-Av8Q<:C65vT@.3If)y3KL9D3I?+DZaYCW
.doubleclick.net/	1970-01-20 22:54:56	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 18:35:48	Name: DSID Value: NO_DATA

41 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: <link rel=preload> must have a valid `as` value
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tongdai-facebook-vietnam.fusimi.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ajax.googleapis.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
tongdai-facebook-vietnam.fusimi.info
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.80.70
142.251.40.194
172.64.151.101
2606:4700:3030::ac43:ab2c
2607:f8b0:4006:809::200a
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2004
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:821::200a
2607:f8b0:4006:824::2006
68.67.179.153
01c7021fc918c6db285a14dd652f2d3c612761fd8b4fd26fa1d84a4e899a2438
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
10c9f367f83600f6cff5a079e12affcbee47c4ceb23d23a9b58043dbaa4e90f1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1930ade9d196235872eecf2f23d675846ba2afedc0091353d55c34273eb8e541
1ffeb32cb8ed889a47f30c1f4424ecab709ee24055530488ad466c2a21817955
21f523ca182f1c9b24613d26c9469aa33e78ad52c55bc05989e14fb40e76037f
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
399b233f3ac24ab2b77f55c6f8612579e6c2aa05b1a63f91023182059a2e5a90
3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eef348292128bbc1834688a43068e5a8417dec106542bee6b31d78775a6406
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4
49f4c18d62a33d6c0703a69fb7163543e4aba36645d258a224eb576dd6cedf1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
51c20179410b130c00ff5a394318db785a9a898c8e1ad2ba99d3e223ef09604b
521f1acac405bfbb2c2bdc3b2a1bf1eb5eb37dd790074cbaebbdace94f05eba3
550cb2681979e286f4588c97ac60ee8e04734f672eb9eb5782ba234de66b02d1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d122ecd8b8b474fa41fc4ca0f5df8aa78a103a959556b3942f951ea07ed581b
5f13624632e913d3810fff3a1d5d50ba10fe32614ca3cf7260858934eded5514
60069ed58329b14df22602af8d7838a66a19567ccbacd15923651bcc90d99eb0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a8a52511ff233cf8c6788bc9391300ab4c72317b5e1e952da6742eebc5e3ddf
6c3669b8e2c8d60c9eb6b00acf6b79c7fa2d976ed3cb7ead7f4de59fbfd52fba
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
719ebaa7a8e79cf3378f1bbc2daac1eecb7a8347b867691c271a75561211503d
7906c041872372ef50dcef069befbfd081c4548bb84ff12449ed458d91c3b299
980f37702dd256370ac7a54b27fd2016d21765d0bfa98a3842765f22e9c8d173
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a7262031b90a8bf9faab27b0316d4451cbdd2d5fb5004998c67b4dd1d043811a
a733ddf320f1b2dfeabec224e80b4f3bd2a74d127de1d5db5e09b512eafff503
abf3708f9c84da1b66027974ac67be13d1fed87ca7ba4e5a5792bd993a8217d3
ae9849f039187475107b3ff11f264ab8bea4152072b8e32186b5f97164aba7ef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cac9ff1aa88cd372a85fb9b518a644d6cb2cf14c42a197538eeb8726e6d31661
cbc8722510b51d48fa2be43d27e96906a5c94238722df9088849d0388a7a3e41
d46f61376900a925367b589226ece46a524bc26b5eb674d9312a01ed4ea73149
db2b1f1dc7d225711c85f09a2cdaae3ba3900cba74bb08f0b212b406fa453c4f
dc361b8ba3e67da9ce4e4ef7da1a46a8181b7c5ad333599663e3c28f4eb24592
dcf7bcdc590a7ad2136049764fa6ee56b20c333e45c1d17b8b7f6415cde212a5
dd1e129e61c556592432ebecf921dc3e54f23caa8b7f9d5668db90bbcad63756
ddeaee327eda6acd35de8687c29ed65db0a6092cb432e5768d6dacc81415ef92
de1f733280a700db3a6a614d2384950ddbc4f6272de15dbb4ff2c665f0b66137
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e738234335a7be4ccc3a3a4ed4e39dc840e13d32bd3a7e26fb19495da0149cec
e96e5069601f3917388bea9bec38329bd281dd952dec19aa68e7404995ebfcca
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eccce745fa1d8d0ede4371321c152fb834cae3f777e3aa3de2e8530ec9922408
edcfba1e48e0a70116934e9978bc4a5d95d69f8823567674bd7bc0111db0d206
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f11d6d9f625a068ef103361647fdf8777bca62da6468271c0c7a09a725ce9b0f
f805401581229c436f09f3a613f91cb54d9cc15d3101243529c97373d59667fb
faa04c655b128f3850fc880a247b11f9374e1975abf4da8e1f989f75c1a588c6

tongdai-facebook-vietnam.fusimi.info Open in urlscan Pro 2606:4700:3030::ac43:ab2c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

95 %HTTPS

71 %IPv6

10 Domains

14 Subdomains

15 IPs

1 Countries

1349 kBTransfer

3752 kBSize

14 Cookies

1 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tongdai-facebook-vietnam.fusimi.info Open in urlscan Pro
2606:4700:3030::ac43:ab2c Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

95 %
HTTPS

71 %
IPv6

10
Domains

14
Subdomains

15
IPs

1
Countries

1349 kB
Transfer

3752 kB
Size

14
Cookies

87 HTTP transactions
1 data transactions