zuto.vn Open in urlscan Pro
166.62.6.80 Public Scan

Software

cafe /

Resource Hash

f8e34adb98de11dd8132bbf783fa45b17feea87b79521e3fa286cf4ab251fb04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zuto.vn/
Origin: https://zuto.vn
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51448
x-xss-protection: 0
server: cafe
etag: 225058216074432838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 22 Mar 2024 08:12:25 GMT

GET
H2 200 eyEwAUYqiwgb53OmTck4GoExvE2VPcn1MEQxeuEs.jpg
zuto.vn/files/thumbnails/ 36 KB
36 KB 39ms
38ms Image
image/jpeg 166.62.6.80
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zuto.vn/files/thumbnails/eyEwAUYqiwgb53OmTck4GoExvE2VPcn1MEQxeuEs.jpg
Requested by: Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 166.62.6.80 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 80.6.62.166.host.secureserver.net
Software: Apache /
Resource Hash: c3f178d136f32da14dadc6a03680bbfac151b4163eb9a88fc8c63e54fa778872

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:25 GMT
last-modified: Wed, 01 Nov 2023 18:01:16 GMT
server: Apache
accept-ranges: bytes
etag: "99e3e9b-8f45-6091b0eb87300"
content-length: 36677
content-type: image/jpeg

GET
H2 200 WdxjUIQmeblBz.min.js Show response
zuto.vn/js/ 324 KB
89 KB 97ms
97ms Script
application/javascript 166.62.6.80
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://zuto.vn/js/WdxjUIQmeblBz.min.js?id=0cedd39fb95b543b724fa46247000880
Requested by: Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 166.62.6.80 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 80.6.62.166.host.secureserver.net
Software: Apache /
Resource Hash: 731f41406207bed7821ce7c42300ca72b7d938362a4a2170b20c5b04a861ab62

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:25 GMT
content-encoding: br
last-modified: Thu, 29 Feb 2024 09:49:02 GMT
server: Apache
etag: "8ce252a-51196-612822b505f80-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 90960

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
94 KB 378ms
30ms Script
application/javascript 64.233.170.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MVERJ6KTD0

Requested by

Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

3130e58d6df066be928a771341b543a342fab59ba53c7e54a15470258b162171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95909
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Mar 2024 08:12:25 GMT

GET
H2 200 logo.png
zuto.vn/images/ 19 KB
19 KB 34ms
33ms Image
image/png 166.62.6.80
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zuto.vn/images/logo.png?ver=1
Requested by: Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 166.62.6.80 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 80.6.62.166.host.secureserver.net
Software: Apache /
Resource Hash: dfb96099b74a7530b2d1295fa547bf019380eb2d0d8ec90580e093d36b87b581

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:25 GMT
last-modified: Sun, 30 Apr 2023 16:14:02 GMT
server: Apache
accept-ranges: bytes
etag: "8ce145c-4c4d-5fa8ffe950680"
content-length: 19533
content-type: image/png

GET
H2 200 zuto.png
zuto.vn/images/ 14 KB
14 KB 57ms
56ms Image
image/png 166.62.6.80
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zuto.vn/images/zuto.png?ver=1
Requested by: Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 166.62.6.80 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 80.6.62.166.host.secureserver.net
Software: Apache /
Resource Hash: d215ced5d19d15bb85b000532e4fd52b7ab2a4d8e6c43a059fea504076210bcf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:25 GMT
last-modified: Fri, 02 Jun 2023 15:34:54 GMT
server: Apache
accept-ranges: bytes
etag: "8ce0047-37b9-5fd274b64c380"
content-length: 14265
content-type: image/png

GET
H2 200 Roboto-Regular.woff2
zuto.vn/fonts/ 45 KB
45 KB 67ms
66ms Font
font/woff2 166.62.6.80
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://zuto.vn/fonts/Roboto-Regular.woff2
Requested by: Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 166.62.6.80 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 80.6.62.166.host.secureserver.net
Software: Apache /
Resource Hash: 0e06b644b6a16008f132b276638931b9dc08ca8b5e755cf6a6e54923fa16a950

Request headers

Referer: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Origin: https://zuto.vn
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:25 GMT
content-encoding: br
last-modified: Sun, 30 Apr 2023 16:13:29 GMT
server: Apache
etag: "8ce1e55-b218-5fa8ffc9d7c40-br"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes
content-length: 45596

GET
H2 200 Roboto-Medium.woff2
zuto.vn/fonts/ 45 KB
45 KB 70ms
70ms Font
font/woff2 166.62.6.80
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://zuto.vn/fonts/Roboto-Medium.woff2
Requested by: Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 166.62.6.80 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 80.6.62.166.host.secureserver.net
Software: Apache /
Resource Hash: abd44ee38bb82fc654148416e5a8a0b5515cc551ff3175ee15422f96bb6e0814

Request headers

Referer: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Origin: https://zuto.vn
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:25 GMT
content-encoding: br
last-modified: Sun, 30 Apr 2023 16:13:28 GMT
server: Apache
etag: "8ce1e54-b550-5fa8ffc8e3a00-br"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes
content-length: 46420

GET
H2 200 Roboto-Bold.woff2
zuto.vn/fonts/ 45 KB
45 KB 71ms
70ms Font
font/woff2 166.62.6.80
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://zuto.vn/fonts/Roboto-Bold.woff2
Requested by: Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 166.62.6.80 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 80.6.62.166.host.secureserver.net
Software: Apache /
Resource Hash: 91bde10a40adc8750db8bd9bb07b20f3681b737b0fccb117ced318388fbe2962

Request headers

Referer: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Origin: https://zuto.vn
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:25 GMT
content-encoding: br
last-modified: Sun, 30 Apr 2023 16:13:29 GMT
server: Apache
etag: "8ce1e52-b45c-5fa8ffc9d7c40-br"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes
content-length: 46176

GET
H2 200 logo-ft.png
zuto.vn/images/ 24 KB
24 KB 98ms
98ms Image
image/png 166.62.6.80
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zuto.vn/images/logo-ft.png?ver=1
Requested by: Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 166.62.6.80 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 80.6.62.166.host.secureserver.net
Software: Apache /
Resource Hash: 1408bc3bdcdbdcc5d1c919507c032c017f0e24125403935150106504f1e6684d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:25 GMT
last-modified: Sun, 30 Apr 2023 16:14:02 GMT
server: Apache
accept-ranges: bytes
etag: "8ce0055-5f21-5fa8ffe950680"
content-length: 24353
content-type: image/png

POST
H2 204 collect
www.google-analytics.com/g/ 0
248 B 363ms
20ms Ping
text/plain 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MVERJ6KTD0&gtm=45je43k0v899422867za200&_p=1711095145460&gcd=13l3l3l3l1&npa=0&dma=0&cid=1197117489.1711095146&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711095145&sct=1&seg=0&dl=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&dt=L%E1%BB%9Di%20b%C3%A0i%20h%C3%A1t%20-%20C%C3%B3%20Ai%20H%E1%BA%B9n%20H%C3%B2%20C%C3%B9ng%20Em%20Ch%C6%B0a%20-%20Qu%C3%A2n%20A.P%20-%20zuto.vn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=700
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MVERJ6KTD0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.139 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f139.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zuto.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 407 KB
139 KB 391ms
53ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1331499336525420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9007dec02909a727af81f9b395ed186f150360467bea4e115dbbbfbc4ad9ddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141453
x-xss-protection: 0
server: cafe
etag: 6870309788220457517
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 08:12:26 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41F8 15 KB
5 KB 860ms
510ms Document
text/html 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&adk=1812271804&adf=3025194257&lmt=1711095146&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145756&bpp=7&bdt=484&idt=441&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5877292326192&frm=20&pv=2&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=465

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

071672e877b8ddc528685b4d3e37b57d7373be4999d9a8a1577ac7dd446e11eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zuto.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5286
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 08:12:27 GMT
expires: Fri, 22 Mar 2024 08:12:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 57ms
56ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EAEA 139 KB
44 KB 802ms
464ms Document
text/html 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=280&slotname=3569562698&adk=4164683174&adf=992210805&pi=t.ma~as.3569562698&w=600&fwrn=4&fwrnh=100&lmt=1711095146&rafmt=1&format=600x280&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145763&bpp=2&bdt=491&idt=466&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=472

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7898703797c48ed006784386f11f859206309bb23de5b9865c4ea3f0e2e97fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zuto.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44713
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 08:12:27 GMT
expires: Fri, 22 Mar 2024 08:12:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1FDD 29 KB
13 KB 932ms
614ms Document
text/html 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2cbc6f4358887b903149f48b8dd8bdfc7a60ee2674629a12e9b2ffe71eb7e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zuto.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13127
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 08:12:27 GMT
expires: Fri, 22 Mar 2024 08:12:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A5B8 23 KB
10 KB 855ms
550ms Document
text/html 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=600&slotname=3569562698&adk=2390998479&adf=1748668277&pi=t.ma~as.3569562698&w=300&fwrn=4&fwrnh=100&lmt=1711095146&rafmt=1&format=300x600&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145766&bpp=1&bdt=494&idt=497&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280%2C300x250&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=502

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a58438de8dbf7554ebd9f2949e55fdd992e5f16cda2f7e39016767365e175714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zuto.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10400
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 08:12:27 GMT
expires: Fri, 22 Mar 2024 08:12:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 15442059583737242833
tpc.googlesyndication.com/simgad/ Frame EAEA 46 KB
47 KB 426ms
32ms Image
image/png 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15442059583737242833?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql58ibzd8iy2-F_LDfs9KMZLwRY8A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=280&slotname=3569562698&adk=4164683174&adf=992210805&pi=t.ma~as.3569562698&w=600&fwrn=4&fwrnh=100&lmt=1711095146&rafmt=1&format=600x280&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145763&bpp=2&bdt=491&idt=466&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=472

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7db2d1e01819d7924647a7ff7cfc600e4a453d8743562b5bb33da38d659be94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 19:30:57 GMT
x-content-type-options: nosniff
age: 132090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47596
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 03:05:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Mar 2025 19:30:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame EAEA 23 KB
9 KB 425ms
52ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:25:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:25:51 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 941E 143 B
228 B 25ms
23ms Document
text/html 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=280&slotname=3569562698&adk=4164683174&adf=992210805&pi=t.ma~as.3569562698&w=600&fwrn=4&fwrnh=100&lmt=1711095146&rafmt=1&format=600x280&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145763&bpp=2&bdt=491&idt=466&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=472
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 08:05:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame EAEA 3 KB
1 KB 426ms
55ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:25:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:25:51 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame EAEA 67 B
196 B 401ms
31ms Image
image/png 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:52 GMT
x-content-type-options: nosniff
server: cafe
age: 35435
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Fri, 22 Mar 2024 22:21:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame EAEA 20 KB
9 KB 399ms
31ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:25:50 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EAEA 206 KB
63 KB 23ms
22ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:08:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 09:08:47 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame EAEA 36 KB
14 KB 426ms
58ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d2c308318200321bc194c7dae715236fc4eddaab4188d1a0568a8fa8721024a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 19:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14701
x-xss-protection: 0
server: cafe
etag: 289687390770401761
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 19:10:05 GMT

GET
H2 200 ca-pub-1331499336525420 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 472ms
79ms Script
application/javascript 142.251.175.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1331499336525420?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

121acb89cb9ce07046d909c99dd3bce642f4c1199a97b846b499d50a0812ecf4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EwtBjT-CCXe5rz4MSKowdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-EwtBjT-CCXe5rz4MSKowdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTD8frXl_VsAg3n27qZAOsmMZ8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 60ms
59ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&hl=vi&pvc=4128295321643826

Requested by

Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A5B8 42 B
110 B 94ms
93ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BuEYPZUcWcu8Vu8-vppAPJsCFYCAwGBLfCHUDewgvnFQ4kXe0inrS0ZDQAR-aHB9jw4o1Gt80jIhyziQ_bRHghYXU1v0g1n8DolNO87kw0QIJxsUw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=600&slotname=3569562698&adk=2390998479&adf=1748668277&pi=t.ma~as.3569562698&w=300&fwrn=4&fwrnh=100&lmt=1711095146&rafmt=1&format=300x600&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145766&bpp=1&bdt=494&idt=497&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280%2C300x250&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A5B8 94 KB
33 KB 63ms
62ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33555
x-xss-protection: 0
server: cafe
etag: 7173713561822972903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 08:12:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame A5B8 3 KB
1 KB 158ms
56ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:25:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:25:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame A5B8 20 KB
8 KB 160ms
47ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:25:50 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A5B8 206 KB
62 KB 38ms
38ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:08:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 09:08:47 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FDD 42 B
107 B 85ms
84ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqyEYvejewxUCA3aD8g90JvgDLYW4yjPu_4B9B5UGlhrEYRY0yfVN5W3Kmj7zyC_abAIWUI6SWJHVO3bpjzTrLEfcPuUs5cRJyVckhje50ZTdEigM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1FDD 94 KB
33 KB 81ms
81ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33555
x-xss-protection: 0
server: cafe
etag: 7173713561822972903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 08:12:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 1FDD 3 KB
1 KB 144ms
51ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:25:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:25:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 1FDD 20 KB
8 KB 149ms
46ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:25:50 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1FDD 206 KB
62 KB 58ms
57ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:08:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 09:08:47 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8B7D 624 B
509 B 58ms
57ms Document
text/html 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCjslEY3saOiQIwAQ&v=APEucNV5wmzjqbjS2iEBMXofD-MupAGgeUwjU4dFEFgbsMLaJmU-Rhpdg6sNNQegzN_BIQBrAYPMchagvbK3c1BW_Zdy45kLEw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=600&slotname=3569562698&adk=2390998479&adf=1748668277&pi=t.ma~as.3569562698&w=300&fwrn=4&fwrnh=100&lmt=1711095146&rafmt=1&format=300x600&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145766&bpp=1&bdt=494&idt=497&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280%2C300x250&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=502
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 08:12:27 GMT
expires: Fri, 22 Mar 2024 08:12:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 941E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

50ms
49ms

Document
text/html

142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 08:12:27 GMT
expires: Fri, 22 Mar 2024 08:12:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 08:12:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8B3B 624 B
506 B 69ms
69ms Document
text/html 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPuxwEQm_ra4wUYyoePiQIwAQ&v=APEucNWhYvhMZF8-umvXcCU7nmrRMxfkGVOCRDSBWK_BLjZkgPBRJJj-5OOZUjo9wvUVtvSdKLHE_UfIP1zWwJCFrp_9a3w5Bg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 08:12:27 GMT
expires: Fri, 22 Mar 2024 08:12:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8B7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2d5XfGhelrUmT3bOCu0Tc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2d5XfGhelrUmT3bOCu0Tc&google_cver=1&C=1

43 B
737 B

40ms
39ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2d5XfGhelrUmT3bOCu0Tc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCjslEY3saOiQIwAQ&v=APEucNV5wmzjqbjS2iEBMXofD-MupAGgeUwjU4dFEFgbsMLaJmU-Rhpdg6sNNQegzN_BIQBrAYPMchagvbK3c1BW_Zdy45kLEw
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDl2l64c3pSTI5QzocwjTjwVnBNVXyfXUVTvnnlIQQvPrp%2Bhk4R3e2gQGMQ4%2FVrxnySgpJweV4uP7p%2Fr%2BzHd%2FQTZyra%2BhU2I1q9xuJPi0eH3JWNghnvaq39EnuXPuf4eyTvGNcjXIz%2BxBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8684b7809af44115-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BV1%2FYPCwMGL9fXdepxGavMSXQoyFteTgcQpUptGIrC8SdraVrUatms9J0VRnde7nv0W2fXWEN8QopjTs970uQEgiI7g42Fn3YGXO7DnEDQGdV0yw84MwHGX0sNt1Ez08530OktQ4wFD4UA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEK2d5XfGhelrUmT3bOCu0Tc&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8684b780493d5ce3-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8B7D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zf09a4sFVg8AADjPAM7gUAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2aImLBKI_urYEHT3JhrQQ&google_cver=1

43 B
729 B

45ms
45ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2aImLBKI_urYEHT3JhrQQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCjslEY3saOiQIwAQ&v=APEucNV5wmzjqbjS2iEBMXofD-MupAGgeUwjU4dFEFgbsMLaJmU-Rhpdg6sNNQegzN_BIQBrAYPMchagvbK3c1BW_Zdy45kLEw
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B6i4HBXyp%2BR9gYf9teQlH0MLcrIonIinKKX1KpBCoDIAIN0FSkpek3jRIVVyDQ1N0TTWuWfYNkiT0nASKyr2fgxtSKX76y7Ov4iNjoSWFg66PHm2Qso0Szl4RDNcEDlBnlDlXbAWmRLEXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8684b780db464115-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2aImLBKI_urYEHT3JhrQQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 8B7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENwG5TM35cw4W7vOMbBGagE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENwG5TM35cw4W7vOMbBGagE%26google_cver%3D1

43 B
1 KB

49ms
48ms

Image
image/gif

103.43.90.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENwG5TM35cw4W7vOMbBGagE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCjslEY3saOiQIwAQ&v=APEucNV5wmzjqbjS2iEBMXofD-MupAGgeUwjU4dFEFgbsMLaJmU-Rhpdg6sNNQegzN_BIQBrAYPMchagvbK3c1BW_Zdy45kLEw

Protocol

Server

103.43.90.114 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
an-x-request-uuid: 9ae8238f-7949-4c62-b87b-de5e9764784a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 103.252.201.225; 103.252.201.225; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
an-x-request-uuid: 8b04b9dc-5636-4773-a45a-2ff90f9463e8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENwG5TM35cw4W7vOMbBGagE%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 103.252.201.225; 103.252.201.225; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8B7D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyNzM2NDEwNTU5OTA5MjE2Mw%3D%3D

170 B
232 B

27ms
26ms

Image
image/png

74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyNzM2NDEwNTU5OTA5MjE2Mw%3D%3D

Requested by

Protocol

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
an-x-request-uuid: 02ce09a4-cb49-4786-97fe-ce3aa6a99242
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyNzM2NDEwNTU5OTA5MjE2Mw%3D%3D
x-proxy-origin: 103.252.201.225; 103.252.201.225; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A5B8 0
56 B 81ms
80ms Ping
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8638116799393&version=m202402290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A5B8 0
56 B 87ms
86ms Ping
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8638116799393&version=m202402290101&ct=119&x=1&cor=17639393923701576000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A5B8 91 KB
39 KB 72ms
71ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxLB-AwXlqyeHE3BAiO6k4KKItnGLRQWPx-9lyVz4oFExRL1AcwkYBzu3ThCwmpK1i5cYi8Dywwk0QS72I3xxHOzc_B9phVEdnu-hNX2H2rvxV2czn8RMv_lvqsfFHPIS2aVrfc5Pf77VQJCrheOXBd8ZTC0zWtmJ07mCbde-AhJaLiRNbNQBxRRNjFqACLwqPPfJqsUoJ1osI4yvyH5bEyd8ZAPBqEFJbdRR8FQtvnQBFpOs&cry=1&dbm_d=AKAmf-BK7XDvm64DvoxZUMDbXLlgGoX7WB3ENJtHhrjHvnsDBGAJtYVwMp1QQlVInoifh2iU34oCzWEkl8Vapiv7_5eIYXED_LecW7P5tSUdmonUr9U45dbdyYLAMIwEvEhhmoTZKvTYT8O-bW0kQxOhvTyduR3pLAsERfbJ6T6hM2P8Fw9YJra7PS4nyr4cDXRp_WgibiK2IbWXZwKQq7trYXBHrF8eDwHhRfWs889spEwGGIluXv76YfGa97KzgDZ6zzfn-NkX017tC-RFpg9iqd7ssvXuUbWnkUAVS96LnyE7PiW5n0cHVuq9_BVuMtjxm7PoC-L4aMdeTMZA7_3zaZvLjJju1Ku_EQd5MwQ73ODDRryRu9-AKfZZAaFHTZgC6ofiMRF4g2Yqs3QPyhskEw5HNxSaCBcN1oXxtxC7a2Jd-v3Swi-oytjCcWyOL4OJZF4TQUMBZf-8Tw_fZdn0EfLNgRGKUDT-b5_pkvQIWdtXeyocsNtsGiZVaU9VesubB8FskCWnUXIyPwFrLeQhU1MHzRLzKfLT8XDP6fQCjtx_nrsdisdHfzTAXxxp6g6aXwzc5dkn1Jm_shVp2l8mFonSyy8Xc7777808fd7d2bklhxkNC74UCCxbLSCIYGHoZ90IgK2FD9O18LVznLhXeGrfBlELqWO6xe_LQHN451BS8soOs7nx_vfDSZs0QoKxeXB7VCV7anEV6Vmx1App_pwqspBGGsmhFgdSfRoI9VDUr18lK3jhrSv4sqCWk6askA7UGND290X-TtzTsBoH6BhOFF4Pw8dF6EgPe6mtR_fuI8C4EB1wKELCE9AQBw_rR5UmRbuqSBymMw5BBCH8GknizhfrkcyP_Os6YJEFtd5RIgvTWwNANCKC2i7mI7SvMuvCdOfKfSE5d0Oow-Y1fBOQ7dJE3KIsi_BZWzqcrXrIDRuI-NzgoLjdbtQgbAbwB593b7bPTJTuv7rGKw83t7A2NJmlO0UNLotMngBvKikYqU7UTFrmJZjKyX-vCn843IHUJ6w9yESKrbiDzdjKJ4HBv-T7RF9k6g_cTZDWlwAyXTsGjYBFa83fvWigf0nKmx4Fg9YGaGUj0_ePq2HJ8PLCoDzRKkmvfe3Scj_kVD4uknSw0KQSRFjXiGROd2V3Jvkq8ue1VC4zJwWafW_jU2_neHRi7Kr6y2iA4g1mjlZbn6TuK9JgDpn-UVmN5sCOwjJLhKavsW2vZbQHot3AYAZqduYn0cd6jWF8DzFg5M_oPiqkMkEFc1eyuAEHQP2uf0-zNqWU4MuP1gWwH8q-jfG1gXu7MbHIFm-RtGc9Hz-eLFx872FwxlnyLUiY9SOshour-HOKmN_bsi_ge1Sw3z-f73IvWOhsNKjQ4calsdPZmjr3D4vtAOttFxHfS7YtBroV96mM2OiUGVWZz_EVbQvkfgcBmGIKjI6YeR3feNLxMZ44crRBYM-Ud7N7p0gIj8UlujHBgZyq8amCD1zXOMvu4tqj2OBngINaLpu8YWKg6mcUctjfyRvSJEY_JdiI9_yfUvan9kiLTIw9s5xPwOTnF77JF1ki1zgSbop6vjHAt4aboOuFIu-tkAhVUN6ltYRG69afQeVHhdnfClTRUlY-9fHQduJBVpb7wdoi3_ehy8Ex2hH66M9UYQXqmTonJprGqcXMFb1m9D-Z11yNLCfWq224g1C5BWImVtRvWpFm-i0B1D51wPPiocVt2Zx_jWqdSgZPh1UeO9M4EAyfld1h2nne-txoWb-LRVqDScLdUjSiKwnsMly8kWie-6ZQfq8FzOmy5hpEmvvdaF4CT0VT4SM6crwIbHoI0LSzh5QZY-Aojk4Wt5Ak0E8h_-3nrvRWwsipGh-wUgcGqS9ivMm1qaqCgCpIbQQsnOit99ACjgy1pLX3w-yCsi_TW-_jGaZiLM0esbkVQb3jxeSGfLbrqCj3-yPeGiqrZCfXCyo-K_4dszL3JMnZruu2kZv8Qo40JYnmanR7f8jj6_0i5SMC8zcJ-oSh5dJv2ZPJcOvRWe2Y44-H6l7dRDZYJVTEXzBGHuRE3rTe7nPAwlglNouR9fnETOZ30PECkPjLbqqtzEWvzFr-OIlcMjjJ7WDhlAdwQZRtlel946uvVgJYWe6FttbfX5FKKg5mZb1l1xEAk8mDIvYGqQr6Kl8ibTmhkUYdmrXhc30E2uUtm72adEa4Q-xdJjPS-HripbLlMsRFfvRrq4Kn2esSUiXVEh0uInnUUV2wqEwG6aTeJur6tRqHaX0S0LJWomBMfX0vz6HnX2wMPxnLlfCxHWktCrl_INhArDze4Ne43gc33Ekx0soHDrStYVPTOkpoxUVzxsZcmLoxRmQv7bfyCmD1EIGGF0_EDek15hSWTqYwAEyBfVoJvBXiIdTA7aJFmvooqTyrjaKn1S56Zi0PYmKgvVqrmZgIERscloNcoHjFjiqG6hOyrryX3lHE-p679YvJ_tsvu2Ixx7r1wM7NRJNd8mFwWvRKLfHV2-6TBKW4keZHGaVVJb_zbmC_BSnCTeIA7wNWRGu-GouDTompufsBEeCtFw7QirMneWuKswjhbl2LBaVLvQb_WINn_52D8VQLXaeEBYyOsuAxZp9JoqTGaeoB0_h6NjO2q8p0Zl2Olr5LxEDuCFlPU_IiJtGiQbg9XTzUvJHUKUQiOO-AMpMRc8uJ-GvAeCm8XySJDX6b2WHDuWxLaaKpkpcIU9OVEyfvKZVGMK8bZ80NUu69zZKlws751lqYMnrqgs3whB8ogs8J8qbFonfz_cVeLfgIJJdnbPRs1GwSNB_P8n6v6WFDUgtCFAcN49-YV-ykYwJrVvE0ucr61AevUJVGrWQ2hoBANLYAJ3OpkvbpnLLN_7b3RIrJZM53EQ0uK0zSh0Zy8ixVnP4L21ePVK-MNUBjq9iBlvWua3L2u6-ZlHf5itJ6taPXzdE8H9dPniHBebL06vLoQaapQ_FwfRizBM2sKAaBDNFfuxqIvu0WxtTT7MOjQ4EOZVK8IURQjb30rfL8alyzPoZn_tyyIH8wQxTT10kZ79DXF0GTw0kwMYxU0Bd0PXKiOWTGDPoJYiM6jTdWVwTUdaMnivZRxwx2J0Ysbqu3HkZAaTXu6DtcjowX4Rjo2zsEEQ29-sI3ShwsZNh8aQvAxb1_CNcJdmVpheFW5N0id1upWDeSqEY7ItlBlQuC-CSBWQO18XywtA-42pBnfo1lksL8ifA4z_Wtr_m2uY3o9gc5Gm-V8rU77u_o9NnpApAkJ9XxeXs9A2-hXVhjIVFGqRfRVRb98YNpnp4T8nD4W09Eh5ma8vNnLGAzjnphamOdQxwIhVIxSMyTEhpH4K8F1y3-xezlD8FrfBoR2AsY3DpkvgeSbAt4Mpbli4lCmV4NqYMjNivA_AKYsawQASKs-dx3I1sQt3DlC7KzubyUiirKMEvJo8_zrjMyIq-Loh3AM5WOnW9dfj33zAU1_q0AWO6zP1gDEjERjw0bfi0nFFbuxidNWtLqOIk1NUMERxlOkoetcvPWCAEngg190c8RGIWf_gD5iDtfnXA7taFe8RdYYZrGxtKGUofVMomLAt7BG1HvUO921DK90sTwuRdet_UzG0d59iu1VgijfPDKZW7eGAsQ1uLH8nuApmDLHMzf8Zw1VnAjrwfNUiFQXbAY0_4XNsFM0E4cwycdgwXYl9Tn25iw5rqpk-DkJmNuPOVvimLfLJn88k1m1uqAttlluEtsoALZQOFpX_VJrYhvmm_1zcnbAGQnpnZ738tZ2di6_kO7UoBTCiCiZpG15XH_GIfB_dpSwTENmlO-dgn3R68xAXvH7pQMGVrVAKqIOyFSR1btSdTxoJgZdiA--syNwFnouWCzvvn6afyYHx41s4_ZVzoEL_spEJj72edN_FmxTv5QeFzifzCH5TlOxLU2q1s6auKSwkpEMAQ-bBAZJz7UmmX8JUirrdxwuhALfWt9C3lOXvFzQfhtQwLFvS8vUTsRcuDQrqa4zUBgV_Qn7Swjl543lSFOzFryPr2OKxCXKo_h37jQgWaLvKZW7O_UKflDKeEuaLbvX7XyrI7XEoyrKcd41SQmFZiL0dwdOPb2ch2rBMX3AHlVm39Sv8u_NXQcr2ckY7UHlS9GXj0w6CLVJdofSe3tyuBdQPFCKVb5-hTNeooIHSElz2xCfvSA_WmAPnp-fXQ3glPWgYvtd_55GuHfIgwQR7SSrFGxzEK0npVP-B9Ze0NLW3-dSD1yl50a2v6gf3AHTS-1BTyl9E2C0n8fAODFszDT2YdsyxePFdAhgYcp&cid=CAQSTgB7FLtqC8Mkymh7AyhJjfczr-77Ne5olo23CbYbQaK4zmc3myyyyPG7t35hKj2vzIgm2r8lRKspvOtp4Yv3ML2bD2ftr923BCpjDzyAeBgB&dv3_ver=m202402290101&rfl=https%3A%2F%2Fzuto.vn%2F&ds=l&xdt=1&iif=1&cor=17639393923701576000&adk=250412561&idt=70&cac=0&dtd=46

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

cafe /

Resource Hash

af9126372122e8c41e530fe009521c497c316f1b00d3e36bfa4fe3336660fa1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=600&slotname=3569562698&adk=2390998479&adf=1748668277&pi=t.ma~as.3569562698&w=300&fwrn=4&fwrnh=100&lmt=1711095146&rafmt=1&format=300x600&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145766&bpp=1&bdt=494&idt=497&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280%2C300x250&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=502
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39518
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8B3B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2aImLBKI_urYEHT3JhrQQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2aImLBKI_urYEHT3JhrQQ&google_cver=1&C=1

43 B
772 B

41ms
40ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2aImLBKI_urYEHT3JhrQQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPuxwEQm_ra4wUYyoePiQIwAQ&v=APEucNWhYvhMZF8-umvXcCU7nmrRMxfkGVOCRDSBWK_BLjZkgPBRJJj-5OOZUjo9wvUVtvSdKLHE_UfIP1zWwJCFrp_9a3w5Bg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddN4HtadnlHEp1Mwxiehs8dR693a2Dx2%2FLoUTvXnGCSMSU%2FgMcS45c76cFP%2FI%2FDenp51jl5NSDJkSvWrxYzWzbOmx59qhJi4NEa3ym5%2BaNjwyZEIxQv0gLhRqqT14jw0L%2FcNE%2B6KcXGXMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8684b7809af34115-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dg5BsUkA5PFPMnbuFhzxk7jA0SMhaGb1mHq2sSLf8rJQgrqsaeojnPUcjVevKjeZggwrItMofs55Zmjs4B7qgJMyDhj3%2FpSiw7%2BS1K41LFFFxWn9qriGDKteuC4f6O5o0uT9fGxzIBsN%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEF2aImLBKI_urYEHT3JhrQQ&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8684b78049395ce3-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8B3B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zf09a4sFVWsAAEOhAM-ShAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2aImLBKI_urYEHT3JhrQQ&google_cver=1

43 B
731 B

40ms
39ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2aImLBKI_urYEHT3JhrQQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPuxwEQm_ra4wUYyoePiQIwAQ&v=APEucNWhYvhMZF8-umvXcCU7nmrRMxfkGVOCRDSBWK_BLjZkgPBRJJj-5OOZUjo9wvUVtvSdKLHE_UfIP1zWwJCFrp_9a3w5Bg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QxfyJJfm5HsRBYczmfrTp2ozNNbIorrOHKjxuTLChGAh7LPildsSJfY4QN%2Bm3VZfmhBMZ4Aaq5ZFkWYNcvpfJxeCnErhH%2Fw8JE0wvO515qDh%2FZwTrIHVQrNhm5sdFF4DSi8zid0WpaibsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8684b7813ba44115-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2aImLBKI_urYEHT3JhrQQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 8B3B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENBwt9vRB2qJHy-qJiBzdys&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENBwt9vRB2qJHy-qJiBzdys%26google_cver%3D1

43 B
1 KB

50ms
50ms

Image
image/gif

103.43.90.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENBwt9vRB2qJHy-qJiBzdys%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPuxwEQm_ra4wUYyoePiQIwAQ&v=APEucNWhYvhMZF8-umvXcCU7nmrRMxfkGVOCRDSBWK_BLjZkgPBRJJj-5OOZUjo9wvUVtvSdKLHE_UfIP1zWwJCFrp_9a3w5Bg

Protocol

Server

103.43.90.114 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
an-x-request-uuid: f479ffab-bd4c-49a4-993c-2a9a3f830cd0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 103.252.201.225; 103.252.201.225; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
an-x-request-uuid: 8e1f7f6d-603e-4f7c-b40b-f93bb4ecf21d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENBwt9vRB2qJHy-qJiBzdys%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 103.252.201.225; 103.252.201.225; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8B3B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyNzM2NDEwNTU5OTA5MjE2Mw%3D%3D

170 B
243 B

23ms
23ms

Image
image/png

74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyNzM2NDEwNTU5OTA5MjE2Mw%3D%3D

Requested by

Protocol

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
an-x-request-uuid: db7b15f9-3f50-491f-a57d-bb6907d98289
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyNzM2NDEwNTU5OTA5MjE2Mw%3D%3D
x-proxy-origin: 103.252.201.225; 103.252.201.225; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FDD 0
56 B 74ms
73ms Ping
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3876404380198&version=m202402290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FDD 0
56 B 72ms
72ms Ping
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3876404380198&version=m202402290101&ct=77&x=1&cor=16952048269531738000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1FDD 35 KB
20 KB 77ms
76ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AjIwHacYFgGqWyCB40l1Jo9uJH6RfLcxcgQZp-YqH4PQnCFSmJLbgnsGJOIDKZgNN4e7V3P7qmjYrDhudTuXISZThWYuzAqeYjGhro_UherJ3g4ezzgX27I3c7XVNRQgGJwEujDnXU1L-n0nQA9766fLLNVZC5QiQMfSbMfp-pjGa7TulQMgfII-zQO_j53oKxc3Q2pFUz56ABVY0ExFh0jUUKo_oDxd7_WZ9G4Bf6FcDokx0&cry=1&dbm_d=AKAmf-D9EzzFiGkK_KI2fawzrTX1oU4iQk6yLDTfe1d_EFkRKTN0d3ndkq-36da4Jen1ibz4Cq47cONWt-h5fpXZdffyOZmhs35aF67R_WuqRzZFPT9N0jPfWjfwRB53Xd1Z627hlEY1j90x3j3ou6kgInzAfPv9Aat9ORLvN_q7l8XuDT6P61LR_voqdXgaEsM3tt5YZYDEDBjhAhSejs90IXA7bP_5B7i2ar2ZWz24Qf38E_XVkfRBRIUZuWogmO4K0YJjZCDiC4VCC8boK8Qc9kjmphzTxTxLDVLpwN_Yo-1BzjS5K5zJXosucoPVq2HKxmYxMVxPR-PAcitnpIGmLP-AsTQB78oehGIYUVK5Qlc0T_5Jfpx0Pp85m1J_-8FkUPPdYtO0qqTh7KrQkNlDjqMjmtavqXEA28XTR2wTYds7FoszQVsicIk30HDTVtHf41Mv_Ea43ksSlPCeEHSSbweP2K2uTo1d4CTMZPIx911kjAceGe5rMBMfGPhTzj3xhAD3_k6ROjb9JlYzvOmn6yeLh94bm6_HfVt3f_FqWIibnwaLJU3R5_O8TIQBdTUe-HHOVnJWQPKeacm5ROsEPbqNlWVwoHFZ06xOq-fartglTC_-0JKy1Wu1TZnghAHRch64xMXSYZm4PWEWvSG0fabyX8Ro4g_llDAYRhiFy-VMQ61WCCV8m6L1-LlqeIbRlnIMwAI_hnSLFCrmM5gxOGWypuEOCR3bzzILq_V-LgVvC3xkvR98kxvMFWG5CH-ed7oqPUKsG_GJ9ay6qiex0GdtBuf13KIZPAo-BK3f3y2FsAOeP8nMIulis4QOZS5bl5-74Kb6hZoXLpirFPnQiQVWRgQEdoTJtKdzDkSHBhw9WF4R3Cm1mzse3DQ8p5RMgzmwnYxFjCSA-KuyWEEnehKjWZh5wmDMO4YfFGHrChfFJiVQ9OnNl9xXFyQsgBulBTxHvOUAvBnKdrpIwuQF6qlHLC_rWYZsJP9XKXlNZxBxZPxJE89cWue5Zv7wn50utsQs8aQx_3M3tSF7ICL35Qks2hOJzFNXVNLueXvwXq7b5P6cdtNd38rFdXRoUbEdqWdSjMdtX6cYGTuxNSnEICh6uSZYDR6oW2xGDLBNweKza8A-rGsnrS5DDQhKssA_nCB7FDKQ9W0Vcc2b8FwRMJAgYAHX_y7H_0Uwa2obEGjDye_xCJ633J9E6n_RP8vzHGariVDyNmWBr3KUW-S8XkS5QkeFA0WAKaHCdC5qao27HN-Kurm4XTY0eS7ue07y0INptdyyv1J8p0gLKjWFUOCR8OzA6bDrG-pHkFjiy1DHthTYCY0sR2w5wOdE4My0vF_zvakRbQrXvxBo2wi61nKxUisHTbepw0E709xenjZP2raAXD2oozA5gZ0lBaeZPKy0_CjJ70ldlHxTCca89LGdHKdWpPGuWi-fr0dlejn72sowYOafW7SILHC5vRzgdsY6A6xvffv67xzKMuQqguHFZgOkeNjRBEFC7icRxshI4rWF0uoxiFZ-7KkrQPT5cxEyhvj-wQUSwnn9BtZAyaJB8aXET3c0yv6u_yufnZTef4vtakkD_8Cdw2Z7ZqJG_YOGh3Q2bkFW-BkEkHSPQk4UNrZAwUuYPWZkxxSEJ1SaGB075G8ngoPDY5GT8G5z9J-BIwD9WouGlURVHsaaQeWygiymzySBqrCA4qDOhOzCocnxYO6QWeg3uIP6sMUMF0J2Z1TorlmCg-mlFQMGZXDwbSgnknuK_px59waLhAXoHl4NGpXmfx5T8ijmzGVZbDubG8T4tljV38YTtbhgg1XxHg-qE8Uhx_5lTNeySStz5-lsLAL6YImiIilV-QwEOYRRlIoP0qSeEFIp1OgKfRHFhPjh-77Qv_zrH1yyYKL0Anab1xa9rRGCBOa2krmORr4lxopRWx1frFDzRYXvk1LsqFf8kY4k4tEptFxZwurJ3VjyHZhdMLJgz5K0ORPJ0PXJzZVc7kqh5BOYj55L6IzHNNL8gGnjlc7MgEijv4jT2FS8BMm47VeR2q1yGUYJVVUphGXrp-5g8WC5RyjoryrQU-riorZ9r_70wvzVWVV7wpZ5JR6cyvh8AtYTiXEmWdPSgRRjGh7cJw1hp1at1V_Gs2Ze5yAjbilT0___KgY8ZRrEfnWuwHZt13QM3YdYtUY9MRa82Ts4Rmb0knsIee81Xl4Cxy5jA6qOCRA3xUyu8lpOexw6G33vMWnkryKghF7S2GK1WxsO1G__X47n8d2bjIjZJu6JA0k7aMFgchsuFR4GIa-zXBRP6NP_HRh_LiSSgGU-mc0-xCv4Zc5OT5EP3BN1pkmVU8MAPOR0JEQck4oMmtVl0Mc8TkZCb2VMdWIQIHQv86qo9cbiNK6IgD9LYh7K6Hpl1msVpEELY5LRkWTs9CqGEY0p9kA_FjJuNFpHT2ngnuTCAGqCVGKpEXEvhTKg9_7_0xEJAJFyVc_H1GKQCXUN-AnGEMOYk-NfKwFJKvuCkb8zh-qG5dZRuULIVGq1EtVyWqzuOn0m5HvD0zVhaoDPWAx37_Or_B5SDFHifDVG2zdPf3wwhwjUeRE6LiGkzsHZW5f_s7U6uCIDIDT30y0MAMaC_RyBY8RYsBdEpfF9dRUPg7IPNOY3-b7-lS0tZzzsSpD7WaMetdL9nnqAFcFmAD3EimITqGtMzfV8i38U2leGBswMNSMoajhLufWkki6-C4fYaxaO-RmUdkrti4B31hiQlNDkufpWci1MEVel_ivqTS_Es938VnHIS1azMzm1fUUG4GWfbzJl22OUjJRPogczd6mKTopSL60VlZjzg1OVQMrz9s4Ltd5r1MF_alKll1-9Wyruy0xIy3OiedPGtVFpDXnCX17irn7Ni3DQjKEdorsfR66lY2_u4NJs1bqJIxCEXke9CO0UvT1hySKh_nLMLNfeIB8doaWYQeU_Cr38WAnwySMdK15mzaFskObf4Zrq5xTqaPfFQ9M12oIxESzv3jqOd8jR73GwzFm-9li20rwcwHWFLYkgbI_NOwgDgyKLC4FF6Fniwp_dG8txLMYLYhtjg9oX6oIo_eTtuWFy3UQWf9fiAyHprHWgqb9_IfGzzj6_LLvKTPU7pJCo_QaGsYpSTBArrTPhzWmyzLWJwJLepDESyIde96T4Bj-n64yYVGHwlAWLXfkWcfbVHOYMnioEcbfHAOSPqCeHB9eOLEG37jzmxPDPD0fiURlj42FRRAZpQ1L0FfrvZgfxYCqz3I5VPNUvEjtNtHbqtN0qh0af-4ihb8uDArPItsCgLnfNNSC8v5DcYGL0M9TVou63Wb1BhCRf78CSGUG9xMka__9ABVYmVeYPNZLIuHCn59cQXxqZSRW2TK41tkFGuKuk_TRSEKTzMuxluVyHOVKVG78jKYALCJ9C1U1KuLYhK9nmvjY_DsQEiDvCwOsZOadfIwzWGwRb0ULHpvQprAVG-V0Wk8zsBV8QFFhWcBSDRX2-DJAuDCNFcgkDeE_AhVEJdm6905qlt61xOmUWHFLgzDZZPhopSw1MefmC7ZQoJeSuEGeJKPtyZb3LJa4UZC1FPgkia44Fowv-vJrVeDTuSe8nWRzVZsWU7QEOgBgJIyfSt1BejIhNCLJPyW5khXYAapgap_00Slt3zjhB29iivFydQH2s6eGuFV_Hgr1Nq8R0WyOiwwTrPMCIZCIw2tvlIDPZRC4OG9VKrMea6wr56XXCrk8pk2OZMyc34eJ3d5BPZwzGOSJ6P34INlxELbB4ulC4l3o5djCqTVNQWAkkbpD3JKc3jRzvBxAud-OzRQgDWxM0IuJdndC2Th8TaqRLjKHN2Eb6VpwBhE85Dn5Sk7BE5Z0kQcFEzJsfui2aqV-Q0TEvkneyVkxFmrU_-KyGKUphVq9dlNhaeGuASHjEHngqG-6xkeYh5fAi3_4o4jWCHjRCZH4xJgxQQup3HkWrF5AQOifeUUFrQJXbHvLP1zW8HoH0UL1d265Cnt6ge_PEhPVGA3PhLgASL4Z_aFAd5BQyzDxmChKa03zIwGsCfwygENAuxLxCgNBQBR5hLl1ANXGZVNOb7hgM3CgJCWlJYjBSzW1dDgbjdJN6Vdimnv03teHGfKZeC_Y2cbwsMSJwIaDCtWbbF__MEnQcg5KICNV5LrG8bKfMZVNYdKbWuTzp21cT5Elzon9X0FseWdbK-yFCT7E3j098h1uizLks8RMpqOBOBmhZulKRv8_PsnK0hxereeQcndT83wOKAiNyrRLwRC32pXC-F8jMSKR0IZFfB1HhVRvomJBkmc5Mc9Lw4VJSF5t9TiLyfQQvosGsQ8eUuDkop2jtjMJeGDAWV8MQ2p2Z51i9fbdQkiSk1TBah2Oym6conevtOdcFw4ZHVb_pTxFTT1yKjYVgjAchi17isZsjbLP_kl1j0a7DmvoLbb7UFetZa-t94PecBFTEI5vBwOdoELDXSRA_fW4kp1Y3IvZY4VEN3yBLI2Gdn-4ghUj0IxQJ4Okir8GTCuemmehavVRrAWAgrMUJLbAreww1qOoNRvY2pTZAWjPQdhd7eyi0Zl4cSxgCkhdj3Ih8GT0WoKY2ZBnQAeBvei_BYH4vKduAPvQYb0jLOCptdkYv13AmbZBWmKGl15z4hnJ9Uel0Zz7HAcUJ58cHT7L6jFgTHZsAE7maT2nW3u5jVHi1pzD21xE6JOvJwheTKceUXxfhXxUekLz5OzitrD73_e1nnGXOKjDGUmoUy-qFVkUkHTKd_gPLmW2VAJHaKG9QIrnOTfBVgG8gET5B7uTopULnZG3UIN69NL9XVw81AEEZdk-jiXUJQW6Kk1_dNE8Ukl3qyyX2xOQxMF84zjjXRrtaR-oadYSY8mvVaGbKRdSGkhJtbzE8COEpB0GkLhuXAVaek3ffHduejlggNo03t-UW5Udq7sBuGYF2sqf998Xznr1Dnb40JxmFT_8cNJ7KPjqMrBxxynaeOeuryBzBC5W9jzPOKb-UmPJcldmkkAVsaQBA033X_hZME2UUhligbI06TwxjyvE6oFStmj35kSnJfkdLPUQH6diWFJuz2rIQxo8CaoND5XT3PKqjJ89pvMj_GefhpwQg3rdGB9dKfgQhGsJRiA96mC9zriz8MXLQm2wgW6LeQLtNpOLv7mCjN-0a6oNzpbQq5TRxRmajtr1FG1FZxffK6DgbTd9xuzwhg3VlYItB1xMfJNhF04OBvC5QddDxW1I4M8HNzJbYB-1eY6otCV5AZQq1&cid=CAQSTgB7FLtqwaR5NFiOBSjiMZjkF8KiOFW2-0PkJcnJf93bQq5k9PBXQsnp-6Sdxq7yiN69Ed-eb77RiW1XsziNpcKvrtnBLctH9YiJaaqNUBgB&dv3_ver=m202402290101&rfl=https%3A%2F%2Fzuto.vn%2F&ds=l&xdt=1&iif=1&cor=16952048269531738000&adk=2923430906&idt=86&cac=0&dtd=48

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127a0a744382f397d6400a7def2fc833f4f79b40da1968d945dcfb2677f1a7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20158
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EAEA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e47e21203bf1672f13d83982268da703a933f143f482b770d1903e48489bc2ca

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A5B8 111 KB
39 KB 425ms
29ms Script
text/javascript 64.233.170.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Mar 2024 01:35:09 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame A5B8 12 KB
4 KB 44ms
44ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxLB-AwXlqyeHE3BAiO6k4KKItnGLRQWPx-9lyVz4oFExRL1AcwkYBzu3ThCwmpK1i5cYi8Dywwk0QS72I3xxHOzc_B9phVEdnu-hNX2H2rvxV2czn8RMv_lvqsfFHPIS2aVrfc5Pf77VQJCrheOXBd8ZTC0zWtmJ07mCbde-AhJaLiRNbNQBxRRNjFqACLwqPPfJqsUoJ1osI4yvyH5bEyd8ZAPBqEFJbdRR8FQtvnQBFpOs&cry=1&dbm_d=AKAmf-BK7XDvm64DvoxZUMDbXLlgGoX7WB3ENJtHhrjHvnsDBGAJtYVwMp1QQlVInoifh2iU34oCzWEkl8Vapiv7_5eIYXED_LecW7P5tSUdmonUr9U45dbdyYLAMIwEvEhhmoTZKvTYT8O-bW0kQxOhvTyduR3pLAsERfbJ6T6hM2P8Fw9YJra7PS4nyr4cDXRp_WgibiK2IbWXZwKQq7trYXBHrF8eDwHhRfWs889spEwGGIluXv76YfGa97KzgDZ6zzfn-NkX017tC-RFpg9iqd7ssvXuUbWnkUAVS96LnyE7PiW5n0cHVuq9_BVuMtjxm7PoC-L4aMdeTMZA7_3zaZvLjJju1Ku_EQd5MwQ73ODDRryRu9-AKfZZAaFHTZgC6ofiMRF4g2Yqs3QPyhskEw5HNxSaCBcN1oXxtxC7a2Jd-v3Swi-oytjCcWyOL4OJZF4TQUMBZf-8Tw_fZdn0EfLNgRGKUDT-b5_pkvQIWdtXeyocsNtsGiZVaU9VesubB8FskCWnUXIyPwFrLeQhU1MHzRLzKfLT8XDP6fQCjtx_nrsdisdHfzTAXxxp6g6aXwzc5dkn1Jm_shVp2l8mFonSyy8Xc7777808fd7d2bklhxkNC74UCCxbLSCIYGHoZ90IgK2FD9O18LVznLhXeGrfBlELqWO6xe_LQHN451BS8soOs7nx_vfDSZs0QoKxeXB7VCV7anEV6Vmx1App_pwqspBGGsmhFgdSfRoI9VDUr18lK3jhrSv4sqCWk6askA7UGND290X-TtzTsBoH6BhOFF4Pw8dF6EgPe6mtR_fuI8C4EB1wKELCE9AQBw_rR5UmRbuqSBymMw5BBCH8GknizhfrkcyP_Os6YJEFtd5RIgvTWwNANCKC2i7mI7SvMuvCdOfKfSE5d0Oow-Y1fBOQ7dJE3KIsi_BZWzqcrXrIDRuI-NzgoLjdbtQgbAbwB593b7bPTJTuv7rGKw83t7A2NJmlO0UNLotMngBvKikYqU7UTFrmJZjKyX-vCn843IHUJ6w9yESKrbiDzdjKJ4HBv-T7RF9k6g_cTZDWlwAyXTsGjYBFa83fvWigf0nKmx4Fg9YGaGUj0_ePq2HJ8PLCoDzRKkmvfe3Scj_kVD4uknSw0KQSRFjXiGROd2V3Jvkq8ue1VC4zJwWafW_jU2_neHRi7Kr6y2iA4g1mjlZbn6TuK9JgDpn-UVmN5sCOwjJLhKavsW2vZbQHot3AYAZqduYn0cd6jWF8DzFg5M_oPiqkMkEFc1eyuAEHQP2uf0-zNqWU4MuP1gWwH8q-jfG1gXu7MbHIFm-RtGc9Hz-eLFx872FwxlnyLUiY9SOshour-HOKmN_bsi_ge1Sw3z-f73IvWOhsNKjQ4calsdPZmjr3D4vtAOttFxHfS7YtBroV96mM2OiUGVWZz_EVbQvkfgcBmGIKjI6YeR3feNLxMZ44crRBYM-Ud7N7p0gIj8UlujHBgZyq8amCD1zXOMvu4tqj2OBngINaLpu8YWKg6mcUctjfyRvSJEY_JdiI9_yfUvan9kiLTIw9s5xPwOTnF77JF1ki1zgSbop6vjHAt4aboOuFIu-tkAhVUN6ltYRG69afQeVHhdnfClTRUlY-9fHQduJBVpb7wdoi3_ehy8Ex2hH66M9UYQXqmTonJprGqcXMFb1m9D-Z11yNLCfWq224g1C5BWImVtRvWpFm-i0B1D51wPPiocVt2Zx_jWqdSgZPh1UeO9M4EAyfld1h2nne-txoWb-LRVqDScLdUjSiKwnsMly8kWie-6ZQfq8FzOmy5hpEmvvdaF4CT0VT4SM6crwIbHoI0LSzh5QZY-Aojk4Wt5Ak0E8h_-3nrvRWwsipGh-wUgcGqS9ivMm1qaqCgCpIbQQsnOit99ACjgy1pLX3w-yCsi_TW-_jGaZiLM0esbkVQb3jxeSGfLbrqCj3-yPeGiqrZCfXCyo-K_4dszL3JMnZruu2kZv8Qo40JYnmanR7f8jj6_0i5SMC8zcJ-oSh5dJv2ZPJcOvRWe2Y44-H6l7dRDZYJVTEXzBGHuRE3rTe7nPAwlglNouR9fnETOZ30PECkPjLbqqtzEWvzFr-OIlcMjjJ7WDhlAdwQZRtlel946uvVgJYWe6FttbfX5FKKg5mZb1l1xEAk8mDIvYGqQr6Kl8ibTmhkUYdmrXhc30E2uUtm72adEa4Q-xdJjPS-HripbLlMsRFfvRrq4Kn2esSUiXVEh0uInnUUV2wqEwG6aTeJur6tRqHaX0S0LJWomBMfX0vz6HnX2wMPxnLlfCxHWktCrl_INhArDze4Ne43gc33Ekx0soHDrStYVPTOkpoxUVzxsZcmLoxRmQv7bfyCmD1EIGGF0_EDek15hSWTqYwAEyBfVoJvBXiIdTA7aJFmvooqTyrjaKn1S56Zi0PYmKgvVqrmZgIERscloNcoHjFjiqG6hOyrryX3lHE-p679YvJ_tsvu2Ixx7r1wM7NRJNd8mFwWvRKLfHV2-6TBKW4keZHGaVVJb_zbmC_BSnCTeIA7wNWRGu-GouDTompufsBEeCtFw7QirMneWuKswjhbl2LBaVLvQb_WINn_52D8VQLXaeEBYyOsuAxZp9JoqTGaeoB0_h6NjO2q8p0Zl2Olr5LxEDuCFlPU_IiJtGiQbg9XTzUvJHUKUQiOO-AMpMRc8uJ-GvAeCm8XySJDX6b2WHDuWxLaaKpkpcIU9OVEyfvKZVGMK8bZ80NUu69zZKlws751lqYMnrqgs3whB8ogs8J8qbFonfz_cVeLfgIJJdnbPRs1GwSNB_P8n6v6WFDUgtCFAcN49-YV-ykYwJrVvE0ucr61AevUJVGrWQ2hoBANLYAJ3OpkvbpnLLN_7b3RIrJZM53EQ0uK0zSh0Zy8ixVnP4L21ePVK-MNUBjq9iBlvWua3L2u6-ZlHf5itJ6taPXzdE8H9dPniHBebL06vLoQaapQ_FwfRizBM2sKAaBDNFfuxqIvu0WxtTT7MOjQ4EOZVK8IURQjb30rfL8alyzPoZn_tyyIH8wQxTT10kZ79DXF0GTw0kwMYxU0Bd0PXKiOWTGDPoJYiM6jTdWVwTUdaMnivZRxwx2J0Ysbqu3HkZAaTXu6DtcjowX4Rjo2zsEEQ29-sI3ShwsZNh8aQvAxb1_CNcJdmVpheFW5N0id1upWDeSqEY7ItlBlQuC-CSBWQO18XywtA-42pBnfo1lksL8ifA4z_Wtr_m2uY3o9gc5Gm-V8rU77u_o9NnpApAkJ9XxeXs9A2-hXVhjIVFGqRfRVRb98YNpnp4T8nD4W09Eh5ma8vNnLGAzjnphamOdQxwIhVIxSMyTEhpH4K8F1y3-xezlD8FrfBoR2AsY3DpkvgeSbAt4Mpbli4lCmV4NqYMjNivA_AKYsawQASKs-dx3I1sQt3DlC7KzubyUiirKMEvJo8_zrjMyIq-Loh3AM5WOnW9dfj33zAU1_q0AWO6zP1gDEjERjw0bfi0nFFbuxidNWtLqOIk1NUMERxlOkoetcvPWCAEngg190c8RGIWf_gD5iDtfnXA7taFe8RdYYZrGxtKGUofVMomLAt7BG1HvUO921DK90sTwuRdet_UzG0d59iu1VgijfPDKZW7eGAsQ1uLH8nuApmDLHMzf8Zw1VnAjrwfNUiFQXbAY0_4XNsFM0E4cwycdgwXYl9Tn25iw5rqpk-DkJmNuPOVvimLfLJn88k1m1uqAttlluEtsoALZQOFpX_VJrYhvmm_1zcnbAGQnpnZ738tZ2di6_kO7UoBTCiCiZpG15XH_GIfB_dpSwTENmlO-dgn3R68xAXvH7pQMGVrVAKqIOyFSR1btSdTxoJgZdiA--syNwFnouWCzvvn6afyYHx41s4_ZVzoEL_spEJj72edN_FmxTv5QeFzifzCH5TlOxLU2q1s6auKSwkpEMAQ-bBAZJz7UmmX8JUirrdxwuhALfWt9C3lOXvFzQfhtQwLFvS8vUTsRcuDQrqa4zUBgV_Qn7Swjl543lSFOzFryPr2OKxCXKo_h37jQgWaLvKZW7O_UKflDKeEuaLbvX7XyrI7XEoyrKcd41SQmFZiL0dwdOPb2ch2rBMX3AHlVm39Sv8u_NXQcr2ckY7UHlS9GXj0w6CLVJdofSe3tyuBdQPFCKVb5-hTNeooIHSElz2xCfvSA_WmAPnp-fXQ3glPWgYvtd_55GuHfIgwQR7SSrFGxzEK0npVP-B9Ze0NLW3-dSD1yl50a2v6gf3AHTS-1BTyl9E2C0n8fAODFszDT2YdsyxePFdAhgYcp&cid=CAQSTgB7FLtqC8Mkymh7AyhJjfczr-77Ne5olo23CbYbQaK4zmc3myyyyPG7t35hKj2vzIgm2r8lRKspvOtp4Yv3ML2bD2ftr923BCpjDzyAeBgB&dv3_ver=m202402290101&rfl=https%3A%2F%2Fzuto.vn%2F&ds=l&xdt=1&iif=1&cor=17639393923701576000&adk=250412561&idt=70&cac=0&dtd=46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 17:46:26 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame A5B8 31 KB
12 KB 39ms
39ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

172abdc1549b57ea9d6e92351ac832492722a46e897bee71f949705da49b3108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11694
x-xss-protection: 0
server: cafe
etag: 7675425396172501416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 01:41:19 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A5B8 41 KB
14 KB 42ms
41ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 20:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 20:53:06 GMT

GET
DATA 200
OK truncated
/ Frame A5B8 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59f79c6f8118fe0d96fc6122168ebf18e2ec2d33d8acfe03dbf2309e7ed7d7b8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EAEA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C2Istaj39ZaPOJO-i9fwPhMCukAKbq_jBdqH_offWEr-7wbjBCRABIJbzhiJgvwWgAbPTtd0DyAECqQJunXQU2FqMPqgDAcgDyQSqBIgCT9AA87JfrbHYrAzrHfgqj_q5OYzMzjXFdE9fBIB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcfa595efd8277f890000000000000000%22,%222%22:%220xb6bbbaec36f6a95c0000000000000000%22,%223%22:%220x10f5ba...

0
0

184ms
106ms

Fetch
text/css

74.125.130.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcfa595efd8277f890000000000000000%22,%222%22:%220xb6bbbaec36f6a95c0000000000000000%22,%223%22:%220x10f5bae417fb2e9f0000000000000000%22,%224%22:%220xc8044f9190ea6c460000000000000000%22,%225%22:%220x8c84f86507eee59f0000000000000000%22},%22debug_key%22:%221467359937786122424%22,%22debug_reporting%22:true,%22destination%22:%22https://airasia.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001220531%22],%2222%22:[%22true%22],%224%22:[%2203-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214357407475699228785%22}&andc=true

Requested by

Protocol

Server

74.125.130.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:28 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xcfa595efd8277f890000000000000000","2":"0xb6bbbaec36f6a95c0000000000000000","3":"0x10f5bae417fb2e9f0000000000000000","4":"0xc8044f9190ea6c460000000000000000","5":"0x8c84f86507eee59f0000000000000000"},"debug_key":"1467359937786122424","debug_reporting":true,"destination":"https://airasia.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001220531"],"22":["true"],"4":["03-22"],"6":["true"]},"priority":"500","source_event_id":"14357407475699228785"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Mar 2024 08:12:28 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Mar 2024 08:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xcfa595efd8277f890000000000000000","2":"0xb6bbbaec36f6a95c0000000000000000","3":"0x10f5bae417fb2e9f0000000000000000","4":"0xc8044f9190ea6c460000000000000000","5":"0x8c84f86507eee59f0000000000000000"},"debug_key":"1467359937786122424","debug_reporting":true,"destination":"https://airasia.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001220531"],"22":["true"],"4":["03-22"],"6":["true"]},"priority":"500","source_event_id":"14357407475699228785"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 1FDD 31 KB
11 KB 28ms
28ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AjIwHacYFgGqWyCB40l1Jo9uJH6RfLcxcgQZp-YqH4PQnCFSmJLbgnsGJOIDKZgNN4e7V3P7qmjYrDhudTuXISZThWYuzAqeYjGhro_UherJ3g4ezzgX27I3c7XVNRQgGJwEujDnXU1L-n0nQA9766fLLNVZC5QiQMfSbMfp-pjGa7TulQMgfII-zQO_j53oKxc3Q2pFUz56ABVY0ExFh0jUUKo_oDxd7_WZ9G4Bf6FcDokx0&cry=1&dbm_d=AKAmf-D9EzzFiGkK_KI2fawzrTX1oU4iQk6yLDTfe1d_EFkRKTN0d3ndkq-36da4Jen1ibz4Cq47cONWt-h5fpXZdffyOZmhs35aF67R_WuqRzZFPT9N0jPfWjfwRB53Xd1Z627hlEY1j90x3j3ou6kgInzAfPv9Aat9ORLvN_q7l8XuDT6P61LR_voqdXgaEsM3tt5YZYDEDBjhAhSejs90IXA7bP_5B7i2ar2ZWz24Qf38E_XVkfRBRIUZuWogmO4K0YJjZCDiC4VCC8boK8Qc9kjmphzTxTxLDVLpwN_Yo-1BzjS5K5zJXosucoPVq2HKxmYxMVxPR-PAcitnpIGmLP-AsTQB78oehGIYUVK5Qlc0T_5Jfpx0Pp85m1J_-8FkUPPdYtO0qqTh7KrQkNlDjqMjmtavqXEA28XTR2wTYds7FoszQVsicIk30HDTVtHf41Mv_Ea43ksSlPCeEHSSbweP2K2uTo1d4CTMZPIx911kjAceGe5rMBMfGPhTzj3xhAD3_k6ROjb9JlYzvOmn6yeLh94bm6_HfVt3f_FqWIibnwaLJU3R5_O8TIQBdTUe-HHOVnJWQPKeacm5ROsEPbqNlWVwoHFZ06xOq-fartglTC_-0JKy1Wu1TZnghAHRch64xMXSYZm4PWEWvSG0fabyX8Ro4g_llDAYRhiFy-VMQ61WCCV8m6L1-LlqeIbRlnIMwAI_hnSLFCrmM5gxOGWypuEOCR3bzzILq_V-LgVvC3xkvR98kxvMFWG5CH-ed7oqPUKsG_GJ9ay6qiex0GdtBuf13KIZPAo-BK3f3y2FsAOeP8nMIulis4QOZS5bl5-74Kb6hZoXLpirFPnQiQVWRgQEdoTJtKdzDkSHBhw9WF4R3Cm1mzse3DQ8p5RMgzmwnYxFjCSA-KuyWEEnehKjWZh5wmDMO4YfFGHrChfFJiVQ9OnNl9xXFyQsgBulBTxHvOUAvBnKdrpIwuQF6qlHLC_rWYZsJP9XKXlNZxBxZPxJE89cWue5Zv7wn50utsQs8aQx_3M3tSF7ICL35Qks2hOJzFNXVNLueXvwXq7b5P6cdtNd38rFdXRoUbEdqWdSjMdtX6cYGTuxNSnEICh6uSZYDR6oW2xGDLBNweKza8A-rGsnrS5DDQhKssA_nCB7FDKQ9W0Vcc2b8FwRMJAgYAHX_y7H_0Uwa2obEGjDye_xCJ633J9E6n_RP8vzHGariVDyNmWBr3KUW-S8XkS5QkeFA0WAKaHCdC5qao27HN-Kurm4XTY0eS7ue07y0INptdyyv1J8p0gLKjWFUOCR8OzA6bDrG-pHkFjiy1DHthTYCY0sR2w5wOdE4My0vF_zvakRbQrXvxBo2wi61nKxUisHTbepw0E709xenjZP2raAXD2oozA5gZ0lBaeZPKy0_CjJ70ldlHxTCca89LGdHKdWpPGuWi-fr0dlejn72sowYOafW7SILHC5vRzgdsY6A6xvffv67xzKMuQqguHFZgOkeNjRBEFC7icRxshI4rWF0uoxiFZ-7KkrQPT5cxEyhvj-wQUSwnn9BtZAyaJB8aXET3c0yv6u_yufnZTef4vtakkD_8Cdw2Z7ZqJG_YOGh3Q2bkFW-BkEkHSPQk4UNrZAwUuYPWZkxxSEJ1SaGB075G8ngoPDY5GT8G5z9J-BIwD9WouGlURVHsaaQeWygiymzySBqrCA4qDOhOzCocnxYO6QWeg3uIP6sMUMF0J2Z1TorlmCg-mlFQMGZXDwbSgnknuK_px59waLhAXoHl4NGpXmfx5T8ijmzGVZbDubG8T4tljV38YTtbhgg1XxHg-qE8Uhx_5lTNeySStz5-lsLAL6YImiIilV-QwEOYRRlIoP0qSeEFIp1OgKfRHFhPjh-77Qv_zrH1yyYKL0Anab1xa9rRGCBOa2krmORr4lxopRWx1frFDzRYXvk1LsqFf8kY4k4tEptFxZwurJ3VjyHZhdMLJgz5K0ORPJ0PXJzZVc7kqh5BOYj55L6IzHNNL8gGnjlc7MgEijv4jT2FS8BMm47VeR2q1yGUYJVVUphGXrp-5g8WC5RyjoryrQU-riorZ9r_70wvzVWVV7wpZ5JR6cyvh8AtYTiXEmWdPSgRRjGh7cJw1hp1at1V_Gs2Ze5yAjbilT0___KgY8ZRrEfnWuwHZt13QM3YdYtUY9MRa82Ts4Rmb0knsIee81Xl4Cxy5jA6qOCRA3xUyu8lpOexw6G33vMWnkryKghF7S2GK1WxsO1G__X47n8d2bjIjZJu6JA0k7aMFgchsuFR4GIa-zXBRP6NP_HRh_LiSSgGU-mc0-xCv4Zc5OT5EP3BN1pkmVU8MAPOR0JEQck4oMmtVl0Mc8TkZCb2VMdWIQIHQv86qo9cbiNK6IgD9LYh7K6Hpl1msVpEELY5LRkWTs9CqGEY0p9kA_FjJuNFpHT2ngnuTCAGqCVGKpEXEvhTKg9_7_0xEJAJFyVc_H1GKQCXUN-AnGEMOYk-NfKwFJKvuCkb8zh-qG5dZRuULIVGq1EtVyWqzuOn0m5HvD0zVhaoDPWAx37_Or_B5SDFHifDVG2zdPf3wwhwjUeRE6LiGkzsHZW5f_s7U6uCIDIDT30y0MAMaC_RyBY8RYsBdEpfF9dRUPg7IPNOY3-b7-lS0tZzzsSpD7WaMetdL9nnqAFcFmAD3EimITqGtMzfV8i38U2leGBswMNSMoajhLufWkki6-C4fYaxaO-RmUdkrti4B31hiQlNDkufpWci1MEVel_ivqTS_Es938VnHIS1azMzm1fUUG4GWfbzJl22OUjJRPogczd6mKTopSL60VlZjzg1OVQMrz9s4Ltd5r1MF_alKll1-9Wyruy0xIy3OiedPGtVFpDXnCX17irn7Ni3DQjKEdorsfR66lY2_u4NJs1bqJIxCEXke9CO0UvT1hySKh_nLMLNfeIB8doaWYQeU_Cr38WAnwySMdK15mzaFskObf4Zrq5xTqaPfFQ9M12oIxESzv3jqOd8jR73GwzFm-9li20rwcwHWFLYkgbI_NOwgDgyKLC4FF6Fniwp_dG8txLMYLYhtjg9oX6oIo_eTtuWFy3UQWf9fiAyHprHWgqb9_IfGzzj6_LLvKTPU7pJCo_QaGsYpSTBArrTPhzWmyzLWJwJLepDESyIde96T4Bj-n64yYVGHwlAWLXfkWcfbVHOYMnioEcbfHAOSPqCeHB9eOLEG37jzmxPDPD0fiURlj42FRRAZpQ1L0FfrvZgfxYCqz3I5VPNUvEjtNtHbqtN0qh0af-4ihb8uDArPItsCgLnfNNSC8v5DcYGL0M9TVou63Wb1BhCRf78CSGUG9xMka__9ABVYmVeYPNZLIuHCn59cQXxqZSRW2TK41tkFGuKuk_TRSEKTzMuxluVyHOVKVG78jKYALCJ9C1U1KuLYhK9nmvjY_DsQEiDvCwOsZOadfIwzWGwRb0ULHpvQprAVG-V0Wk8zsBV8QFFhWcBSDRX2-DJAuDCNFcgkDeE_AhVEJdm6905qlt61xOmUWHFLgzDZZPhopSw1MefmC7ZQoJeSuEGeJKPtyZb3LJa4UZC1FPgkia44Fowv-vJrVeDTuSe8nWRzVZsWU7QEOgBgJIyfSt1BejIhNCLJPyW5khXYAapgap_00Slt3zjhB29iivFydQH2s6eGuFV_Hgr1Nq8R0WyOiwwTrPMCIZCIw2tvlIDPZRC4OG9VKrMea6wr56XXCrk8pk2OZMyc34eJ3d5BPZwzGOSJ6P34INlxELbB4ulC4l3o5djCqTVNQWAkkbpD3JKc3jRzvBxAud-OzRQgDWxM0IuJdndC2Th8TaqRLjKHN2Eb6VpwBhE85Dn5Sk7BE5Z0kQcFEzJsfui2aqV-Q0TEvkneyVkxFmrU_-KyGKUphVq9dlNhaeGuASHjEHngqG-6xkeYh5fAi3_4o4jWCHjRCZH4xJgxQQup3HkWrF5AQOifeUUFrQJXbHvLP1zW8HoH0UL1d265Cnt6ge_PEhPVGA3PhLgASL4Z_aFAd5BQyzDxmChKa03zIwGsCfwygENAuxLxCgNBQBR5hLl1ANXGZVNOb7hgM3CgJCWlJYjBSzW1dDgbjdJN6Vdimnv03teHGfKZeC_Y2cbwsMSJwIaDCtWbbF__MEnQcg5KICNV5LrG8bKfMZVNYdKbWuTzp21cT5Elzon9X0FseWdbK-yFCT7E3j098h1uizLks8RMpqOBOBmhZulKRv8_PsnK0hxereeQcndT83wOKAiNyrRLwRC32pXC-F8jMSKR0IZFfB1HhVRvomJBkmc5Mc9Lw4VJSF5t9TiLyfQQvosGsQ8eUuDkop2jtjMJeGDAWV8MQ2p2Z51i9fbdQkiSk1TBah2Oym6conevtOdcFw4ZHVb_pTxFTT1yKjYVgjAchi17isZsjbLP_kl1j0a7DmvoLbb7UFetZa-t94PecBFTEI5vBwOdoELDXSRA_fW4kp1Y3IvZY4VEN3yBLI2Gdn-4ghUj0IxQJ4Okir8GTCuemmehavVRrAWAgrMUJLbAreww1qOoNRvY2pTZAWjPQdhd7eyi0Zl4cSxgCkhdj3Ih8GT0WoKY2ZBnQAeBvei_BYH4vKduAPvQYb0jLOCptdkYv13AmbZBWmKGl15z4hnJ9Uel0Zz7HAcUJ58cHT7L6jFgTHZsAE7maT2nW3u5jVHi1pzD21xE6JOvJwheTKceUXxfhXxUekLz5OzitrD73_e1nnGXOKjDGUmoUy-qFVkUkHTKd_gPLmW2VAJHaKG9QIrnOTfBVgG8gET5B7uTopULnZG3UIN69NL9XVw81AEEZdk-jiXUJQW6Kk1_dNE8Ukl3qyyX2xOQxMF84zjjXRrtaR-oadYSY8mvVaGbKRdSGkhJtbzE8COEpB0GkLhuXAVaek3ffHduejlggNo03t-UW5Udq7sBuGYF2sqf998Xznr1Dnb40JxmFT_8cNJ7KPjqMrBxxynaeOeuryBzBC5W9jzPOKb-UmPJcldmkkAVsaQBA033X_hZME2UUhligbI06TwxjyvE6oFStmj35kSnJfkdLPUQH6diWFJuz2rIQxo8CaoND5XT3PKqjJ89pvMj_GefhpwQg3rdGB9dKfgQhGsJRiA96mC9zriz8MXLQm2wgW6LeQLtNpOLv7mCjN-0a6oNzpbQq5TRxRmajtr1FG1FZxffK6DgbTd9xuzwhg3VlYItB1xMfJNhF04OBvC5QddDxW1I4M8HNzJbYB-1eY6otCV5AZQq1&cid=CAQSTgB7FLtqwaR5NFiOBSjiMZjkF8KiOFW2-0PkJcnJf93bQq5k9PBXQsnp-6Sdxq7yiN69Ed-eb77RiW1XsziNpcKvrtnBLctH9YiJaaqNUBgB&dv3_ver=m202402290101&rfl=https%3A%2F%2Fzuto.vn%2F&ds=l&xdt=1&iif=1&cor=16952048269531738000&adk=2923430906&idt=86&cac=0&dtd=48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

172abdc1549b57ea9d6e92351ac832492722a46e897bee71f949705da49b3108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11694
x-xss-protection: 0
server: cafe
etag: 7675425396172501416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 01:41:19 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1FDD 41 KB
14 KB 25ms
24ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 20:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 20:53:06 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcxMTA5NTE0NzU0OTQ4NwogIHNlcnZlcl9pcDogNTg5Mjc1ODAKICBwcm9jZXNzX2lkOiAxNzk1MjM4NDkzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDE0MDAwOTI3...
ad.doubleclick.net/ddm/activity/ Frame 1FDD 0
865 B 118ms
56ms Image
image/png 74.125.200.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcxMTA5NTE0NzU0OTQ4NwogIHNlcnZlcl9pcDogNTg5Mjc1ODAKICBwcm9jZXNzX2lkOiAxNzk1MjM4NDkzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDE0MDAwOTI3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9wcmV0dHlmaXQuY29tLnNnIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDY2OTg3NDU0NTgwODQxNzg3NzYKZGVidWdfa2V5OiA2NzY0MjM1NzQ1NjQwMjk1MjAzCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMy0yMiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE0MDAwOTI3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzg5MTE3MDgwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNTUxMjg1NTMxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwOTkxMjQwNjY1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTU1OTkyMDEwCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3ByZXR0eWZpdC5jb20uc2ciCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9wcmV0dHlmaXQtc2cubXlzaG9waWZ5LmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3ByZXR0eWZpdC5teSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNApkbWFfcHJvZHVjdF9pZDogMTIyNzE1ODM3CnhmYV9hdHRyaWJ1dGlvbl9hcGlfdHlwZTogWEZBX0FUVFJJQlVUSU9OX0FQSV9UWVBFX1dFQgo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f149.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x5e5129f0a7fabf5a0000000000000000","13":"0xa6ae62bfcd2fa99f0000000000000000","14":"0x837b8904b7212acc0000000000000000","15":"0xd3f502edb9b2433b0000000000000000"},"debug_key":"6764235745640295203","debug_reporting":true,"destination":"https://prettyfit.com.sg","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["14000927"]},"priority":"0","source_event_id":"6698745458084178776"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVtNU3IC-4RqK8Et3f034AkqaV-CgCDLGKOnPzTjtUg_-xJTLqBAB2Qcpsl6pz5pDAY4SUb1jKQeT-aLBdLYOJgvsjN03DFBdNF5e6hJBqh_rbQXkyZ79axpBuEn8_B6HgUXCuOXA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 30ms
29ms Script
application/javascript 142.251.175.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVtNU3IC-4RqK8Et3f034AkqaV-CgCDLGKOnPzTjtUg_-xJTLqBAB2Qcpsl6pz5pDAY4SUb1jKQeT-aLBdLYOJgvsjN03DFBdNF5e6hJBqh_rbQXkyZ79axpBuEn8_B6HgUXCuOXA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDk1MTQ3LDcwNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly96dXRvLnZuL2NvLWFpLWhlbi1oby1jdW5nLWVtLWNodWEtNzE1MzMxIixudWxsLFtbOCwiX0gzQ1FBVW1UZVEiXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN._H3CQAUmTeQ.es5.O/am=wA/d=1/rs=AJlcJMw_B6UvHGPnYlizR7R_kFRsEHJvhw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3ec85ba49f5b9b73f99364c24c90862f999a89f5ed7dbebc64e34077d7c7a23

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_us5RPAX-3VkE--9TUXWmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_us5RPAX-3VkE--9TUXWmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw15BiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQCzEw_H615f1bAIbDj-9xQQAPPI3fQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1FDD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e30ad1de5162e5b364589507d03ef51a0d74b635632fa250f202868b19ecdd3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/d54876ed/ Frame 1FDD 18 KB
7 KB 1118ms
287ms Script
application/javascript 54.210.123.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/d54876ed/web.js?&accountId=afa4a86e&clickUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF2VPaj39ZZbDJLCk9fwP7IOTCKXj-Y522JXlrt8S8C4QASCW84YiYL8FoAGz9YbPKsgBCagDAcgDmwSqBIwCT9AzS341gYE94uR_71PUwSRAu73_tFE0VDkb9Id3cz84nr0LSCtEC-6nXU1AFKzynOTk3u4BLeYvGQe4YF3QQMarQsk8jg3Dupnl7KV_FR-4HZfPjStOYNsiGiVQbZfGus1dYUNIrJG0lNEXldWRSi9iCNRDzoqeZ28ZFWjpbgPb6KMujY--9XneA6xcuzaB0Aad9BNMrQ4G_0RKSF-0kaggP_1A_dOQvwKGGdYrMVX_DGuDxRZdGA-zeneHXeU4GRXFqBTIwocPPQkhO3BaQSOvyliywLN6WrFWTLICkZ87SRFUyr89cI5DoJVDaL6c2dsE7rtZDCDOBnvRFx_k7pnovcXW9XPUyBqQYcAEgZHY1dgE4AQDiAXZ07OZTpAGAaAGTYAHs63XrgWoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WLT7jpO2h4UDgAoBmAsByAsBgAwBqg0CU0ewE5D8-BbQEwDYEwrYFAHQFQH4FgGAFwHoFwGyGAkSAsFPGE0iAQA%26ae%3D1%26num%3D1%26cid%3DCAQSTgB7FLtqwaR5NFiOBSjiMZjkF8KiOFW2-0PkJcnJf93bQq5k9PBXQsnp-6Sdxq7yiN69Ed-eb77RiW1XsziNpcKvrtnBLctH9YiJaaqNUBgB%26sig%3DAOD64_2armUzu3_mx0hJ7sFZ_mEH3FEEnw%26client%3Dca-pub-1331499336525420%26dbm_c%3DAKAmf-Byf20SDsyyZX80RPiF3KpqPQJucr1VanX-azvkneSRUDBmMke1G6r3yLoeryWzFZ6Z5zPgkgzXwbydPCZgTo3E-dUlS4GWZjpF86hKhC1_WZ8_BQADxFpll9k9x8M8Cq9WBKHoIReEcSIQX5UnDJrC2-a_YjZzpGj_ZJAPqnihdOX7lL4q5PsuiO6ZscwsVm0uD3_nFjPGy90QhUZLrHcDUcM_BCY4uY1xNfFVsEmFjPKByzs%26cry%3D1%26dbm_d%3DAKAmf-DfcvuJeQPH6X_kUU2JrUMtwjriiCw9mC9oONvR_EuAT1bWUKxF3QU5Ka6QUXWCgn1T0Rm5u5AjeAkn_1qxLxL8MwNpDzdiydzNRh1F9zsoF2Nysf6DrroZI55bTbsoPrj8xhpmNAdlzlcvAmuK6HHZyGDkAECcM1RBn7b8zU_XpipJEkal_vBqFoNYRx4_fYZCGF_LqCPekChYaJNwxkjHHs9sUSy_dZ5lt-5iy_w2binlT38V0k3U4a14vhoWf5R4rmYBBQrwdv1dQaimvFtKLYe0LFisrxsy5ECUy3mscH5Wn-d8c8EdfWiNj3DRlyx_drPETOu3XCxOEOnfV3Pk3f3b-D4kM6AbXjxgB89akgvBA_CCo0myrKWpbegdHbkYqdioNNTMtZecdypit5mawV4qPhq2uYGuFFNtv5aIWzfaeHKc_3ptFKry5jIlPLNU5e32NpzSCkV0KB_a4IC3jQ42QdgOOnIv8rXTJqHcrnO2cOXq4RVfwTJwFNB41cVHkTzkyfjxTHBxOsmniFNV2znQQYCRV0kezNSFtcNX42pqBoIPxlXPYo6oIhdP70TBjHhW9QnooPiJEg00xaRmCmpOJKTR7j1sdl3F4WnNMsSEDwFU3oaEvuoF7PgISbqU3tjg-98neWd1L2qKEEfmlxvOSA%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=GoogleDV360&tagVersion=html-standard-7&track.adLoading=https%3A%2F%2Fpixel.ad.lifesight.io%2Fpixel%2Fevent%2FKY0LPL%3Fevent%3DRENDER%26channel%3Ddv360%26cv%3D%5Bcv%5D%26cachebuster%3D1711095146598422%26cid%3D20991240665%26crid%3D555992010%26db_redirect%3DNO%26app%3Dhttps%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&eas.JHtDUkVBVElWRV9JRH0%253D=555992010&eas.JHtEQ19EQk1fVE9LRU59=ALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQI2dOzmU6oApv62uMFsAKx84bkA0AB0gIqGAAiEwiWoI-TtoeFAxUwUp0JHezBBAEoATABONiV5a7fEkACSAFYiIEgEMqHj4kCCbhdyZoP_afMrc9ksLIiig&externalCreativeId=555992010&externalSiteId=2206433262224&externalSiteName=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&externalSupplierId=1&externalCampaignId=20991240665&externalSessionId=ABAjH0hW9yvCbvQ7OeIsijFgr8ld&externalBundleId=&dbmExchangeID=1&externalAudienceIds=&dbmPixelIdComma=&externalLineItemId=20991240665&scriptId=celtra-script-1&clientTimestamp=1711095147.709&clientTimeZoneOffsetInMinutes=-480&hostPageLoadId=9674460861247842
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.123.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-123-22.compute-1.amazonaws.com
Software: /
Resource Hash: 05169c20d4d6f663ef7c4409705e04441dc5388c0f876d35e59aaf8ec7b35605

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2024 08:12:28 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 6541
Expires: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 87D6 38 KB
13 KB 19ms
19ms Document
text/html 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 180340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 06:06:47 GMT
expires: Thu, 20 Mar 2025 06:06:47 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 122ms
66ms Preflight
text/html 74.125.130.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 08:12:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 729D 38 KB
13 KB 23ms
22ms Document
text/html 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 180340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 06:06:47 GMT
expires: Thu, 20 Mar 2025 06:06:47 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js Show response
pagead2.googlesyndication.com/bg/ Frame 87D6 52 KB
20 KB 25ms
25ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4474ffcd8d7b2fab2b1e6334a061f68acafb58025b80ee0f0f43acfb79518883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 06:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20381
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 06:51:30 GMT

GET
H2 200 RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js Show response
pagead2.googlesyndication.com/bg/ Frame 729D 52 KB
20 KB 19ms
18ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4474ffcd8d7b2fab2b1e6334a061f68acafb58025b80ee0f0f43acfb79518883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 06:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20381
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 06:51:30 GMT

GET
H2 200 RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js Show response
pagead2.googlesyndication.com/bg/ Frame C4DF 52 KB
20 KB 27ms
27ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4474ffcd8d7b2fab2b1e6334a061f68acafb58025b80ee0f0f43acfb79518883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 06:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20381
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 06:51:30 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/100743113437237494/ Frame 4816 37 KB
6 KB 704ms
43ms Document
text/html 64.233.170.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/100743113437237494/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6b81ab178960b439a36426d234f9d7064d0ec97159dd26221b823bb7430569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8477
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5454
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 05:51:11 GMT
expires: Sat, 22 Mar 2025 05:51:11 GMT
last-modified: Sun, 25 Feb 2024 15:23:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A5B8 0
0 80ms
75ms Fetch
image/gif 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuT2-_j_RkuC1DM75KAjgDDBj93AAi0Mw6X4lcv538qv-Sg_ewMWrl2OHAkKQOHtIh79zPV4IK8x-bfRTx1dcilKhqJJqBASpEJFcBw13ZYE3IVR84D1Z56ZH3HKUIgaFPQY8wpP5wf0I3ilpiEif46QmCfOSzSqeQfUAuf6WuKXn7M40LzRm24P3K0TlcIBkHHGWqO4vUoxpAfnhkK9MONboI8Gv7hZ7vrGkxc-1qBtS0i5ZU-3vfSp8DYqmSL88CN018ilVA46hiuF3PhARDBfNg_M2xmSA7Uls6DXOIjEEBrTbBppGw0Ax9YZQ9HR2-pPNHjWgpu1qo0akivLCaNJHQx1SAorMFGqVe-5U2bY_PS_kIVO1KwVD83ny2mFAOYjw42sph4rUdo6aQWTpJ35xv9UeSRs96SzAJavtZO5Qdj4YTTDEXpKyyGVgS4EBxuHjNo-NjrxW1eT-dhxEfoFufpN8XDS48rmEye6EySlaLS4v4F2ALBSM5JSRGXFieEwuXYpHLPElA3SngjrId4sFk3d7Rz93ixLs7m_YWfuthjY6l7IG3mlg5nMiz3N9mp_5g8zfXIB19rd-rF4TsiwpoX0XSW_LzgLiGFgB0MeUJKkgT1WlzGd3EXGhxLJ8_XF_tyNZWL3uhnmsUF565UoDNxtBRVuWgNqdogogDmjNyP3nbV_Ni8tiwh-QliNptDsFiJ1XlgAhQGsuweCfxePVHwTq0T2TjbpUkXN7o2jTy6cGN7IDhj95WlrnSEphqTjKqymBlBQK04fZr7YSslk3eZ8CUjSe7Q-VXXC5dx0mQOdslTfsZ7zZA030TVGBKy827Yy6gJrgeTgBDgu2WhcLUaPaaaZt1tSWa88VVTuJCIArXWArnTDf8vDwR_eukKNxa_g_jll2eW36MNQ2LO3CffyHWYXj5bSPIMmfx8QMhl0A2IyYhrccY_v00drhgd0SrGjOdL5pBzlwaQHCC-VnlB-lyZ8PEpuBSJW4pJrfhVsoe_RvxfWrzqzi5u48dieS-M01vJ_0AgOjIRwCZSEMaGcMNbPRzvBHOUdgs85IqLG-HKR50OR1F7fr_dLJo3Zxs09q0uhE6aWZosrS-SfWhA5VTRzE5zuL735fnFYbmNu2A8D-zOxTNeWko34q9ctjaWxWw-jLPDQH6PjqI1mmV1ovGnxw4nuEpz1V-se-EAu18xZhm9vB_uRbyqk9bD2Mzv-ncUoBrmfa74M-2MkGEhLeKgThTRtyikYKbpbgiLd5f10I63-1BT3ED00N1KlexJtJXDOj2zq5maoeICAaQxIheFDCrTRvdpHUhEYa3bY5qMEJrxTEk7bZVePxI1ynKlT9EuYNJmg8Xj8lS027PwY5FwPTCpzkY9Qg&sai=AMfl-YQYuvqsADDK6zHyQlclMk9YiMeWbALdNo2ODcgDbaAafcdMm40lZGw9TkxjQxdv5S2tgOf1_iBqlDORvsLkuT3u8d3jBJsPkgKsHnzMICOH7x0I0pE9SYi_UZ3tIySADSXnLA7kSKSkP0R9WzNXZ-wyepLEigWLSjedXNwpa_WC6z4MWBOMQICgqb-bStBYbMSqbE5a7iZEqpk2mw8Wp3-4f8-stq6ZBNK0R4TVl0d-DV9BAV5EhqSIxRnMRsGRJV4hMAiHTRuyY2bmftmAvaSgB0hRZfAQaZlysw&sig=Cg0ArKJSzGnEjIaNZq21EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=483&cbvp=1&cstd=479&cisv=r20240320.54269&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Mar 2024 08:12:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 22 Mar 2024 08:12:28 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 729D 0
56 B 73ms
72ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BFjrlaz39Ze_EIdzTjMwP3dSE2AYAAAAAOAHgBAI&bg=!VlWlVRrNAAZewuCMfsI7ADQBe5WfOAC04bX_G5qGNOjyK_p4SmVq5ImAv5GBTSQ2Nm0Bp7nx22tbyFk19foFto14Wsf0AgAAAPpSAAAABmgBB34ANSv7zEu7-NSGtOAsQNFlnKDzmiSAqZYW5u-CiVmZbf1LisoZgVsdk2QvrBnOEdHmSQksxmUECgDAiXFid6IHXC-weeTexyKiNZxMQ8kV7SLcWQ0ZneM_srKvf-I4sHllICbHVVMhx6y18da9zv0v9c8rhjIm4pSRvWI6aN9adQZF-EEj1--FteOjSQNuCNbVVgmvitJ04pUKpmdYvocm2qwNKyfSmAyXnlrYyJ4LUj0LOYBEvGuuCcOBWbLIG_p9LAWBIaEN3r_EVBTbItayoMh4JUL41CtMTojD4gWA2htK7c9r8TUupXoNYmkOcY18oqJqbacP4SdOmQKDi29Z7psI8kak6yHffemWQbPUEEmyu82sKHg5jwPBwQOJhEEav9HDtieA_R2-o7NDogplxO95Jh7l2GLURdlDd938DHLdKMjer47F17oBUOKmMEcxHuTrHrObfA3I8bhYsVaDPvWLmRPNpDhsyD28veFJ5zdctCismESyt_O5x5yl87Su8AH-xIq_graG1E3dvpJQNrlv1FMUYSy25JaaxyJ5A79v8lX__kqehyexxBj0xQlkOA_BdLglHqZl0ftk20NPsGlaC_Pwm3Ur-uDMLkiXDcaeVuhtYQ7x0SffhGsSf32XSJgODVI1tMCyZWXc4bBL9idEWSkAijMhKRLBZytC3wiiXHUUYqp7n-FqwATBU6KKhSqnvUJ9K-UWBYdG8xeuHvR4EGVPRBqpllFZMtbMTcgOQy_vMA6BM4hi5f8Q9n5etb91hCzKHOvWLPNQlbKBjXI1vIcyb8pHTrsoHmNfgmWgQ4jGhZ6lSRLAYwnxAiFK9PmCGkUa1x0CWH-HT9lCNXOf_Ye9BuhM6lxhhiCXVPgCJcdY1LV6Jph_jis2hIeGFKDE63TmjUkLKIG3tmqbLe3f_LpCalsWppwmobnl5Qxn_clW243XaObovFxcvZ5ewJ2gOK4FKMWfK0IqZgbnZ4604Zwr9-zrKl88vgiqA4sTFjEQnRNY_lffEDf5DzxjJ6O41qa8l0rJzOoUxQEdXU3Fg1k4W56dPOwDNvGUvOHEhLv3Za8RUWfa4RTVxtFZGgv4cYsOzhTBhirC5DbCFyy7nL-CzhmV27BtMxWtmr_MKCRqdJuO7hu_6s2F8ey1Xk08jQg0CAi7m-RDFj4Kfk271cH2DHVaFxWoZG8XgA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 87D6 0
56 B 63ms
63ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BunQaaz39ZZTdHfrc4t4Ptf-ZsAoAAAAAOAHgBAI&bg=!dHeldzjNAAZewuCMfsI7ADQBe5WfOMaQZyNbRGJEqwDfn_6fyvjLHLJhHAqhoheOLhn4EkOA330P_nWI0TD74ClVL9F1AgAAAP5SAAAAB2gBB34ANSmtk3V5xSLMUq2dIyTi4IzbqDhUwzahbGku2tcpE7ZSAficHnNUj8Sj9d5mPgQhDJItUYRwCgCN3LYvj3esTztz3swV7VNPKIlGMXkcnDxcFFgic9R65f5CV4bN5smGMWibdmzeFXt0WCvdfVbL9mYoKCdl3DGU3bmkXrhk5ugaCG1ciQADmw-v8Ng9NGnxXMgEjfHgIEaszvxsl6nDNbsVoupXlUPbnTXJlScG013fgadqozL68c1Y8fTPDzbhg2blu3s2mQKHfry_g6qobqto9Z-zLDUveJVjcXylYr84mnyM4MPr50fKS2LTtQ3-T7R0LPgjquewbwZELTBjzNm9uDdJSS9Jg7IctbqXgA_6EXVYh8P0c5aVfw5_W0fDa5hy4yrSPdijX836EkHarQYqFnNIXTIuDyQWV3blQUtchAn7z5A521txp_ZxQwjJNgX6XzBhVH95TA2Hhbqdc4NRXPkTT-R4y609gCOXL88Gk6-sGroGjgnDXdkS2CmRHuJ39Qd8LtH64uZSrE2N3OIFb-9-dtvVsCmLjJ1cehCphIX53oAnoh_hFBXnD4y62pseyTHMDDSuuLdf34RzVOfifZ272qqs_zmvzH8joK0gVxRdF72jW65S6F-DAx0VMabtEXbzi1I6w5RIrB2nKDiGOT9tIGwuoYg7vrQ7WjsuqvIXdBVYbEBTh5ARl6y71OdAPqGFllail9g6KFiYWfDjzlLusFAWpJFoJ8NBXNL0AGdFH2Q4I1oH49pHkojzoJwQEEzPUYxKJzpA_7JRtcSsZ7NLmXonOJv4eSzqWgru8zPkiOqnsCkwSjtVSZFSCcR3Iy8Da87cAT6NwuG1XGCswg2tWZ8OqWIFz6nLGZl3GXknr0Gzjble1sHnfAn8BFnmO396YH5bwsQE9-zon2_gt2masOBzpLg-EwiyVxuARwjL7_2eVdJIjAqNDBZVyxklGcF4B0MEWAENx-JhtBDLG0uS1DNJG-f1JzcS-91_9rOnd-Go23B9IiChgqscn0ifmQriMPgIfmd2joKQCQUWeeaSMARvqFPfL1lmj-0VXUR2R_YvKvgPj2fsuxqBQmp2DFOdNG7Wajwnx1EkQOyaqAWMAc2xp2rfbpJ7unc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ban_ad.-doubleclick.min.js Show response
fundingchoicesmessages.google.com/f/AGSKWxVxk2OOS2-ouEIOUwDYy0VXs1-fMyVvFc92lo8nMbeCyEKCcuEv0A5HqF1y045Xbt0g_0Tx2E2930aqinz7peMWMxpbo4tly14uD7Nfru6rKm1_6TfVfFFnHsRlnbH60PAUorEfDsDVoi7yEMez0ld2jC58P... 54 B
470 B 126ms
125ms Script
application/javascript 142.251.175.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVxk2OOS2-ouEIOUwDYy0VXs1-fMyVvFc92lo8nMbeCyEKCcuEv0A5HqF1y045Xbt0g_0Tx2E2930aqinz7peMWMxpbo4tly14uD7Nfru6rKm1_6TfVfFFnHsRlnbH60PAUorEfDsDVoi7yEMez0ld2jC58PFQb5PLUHBAhT8J7cjQTEkVnLpf488zo/_/ad125b./adfliction-/adutil./ban_ad.-doubleclick.min.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN._H3CQAUmTeQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxWOWMobfbkcwo4SMzm8Kl6_qKXvg/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b6624deda47875ba0f7184227374ccb227824a8e977a9ee03df2a8093298800

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xrgefWylqO9Gm2CRV5AOCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xrgefWylqO9Gm2CRV5AOCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTD8ebXl_VsAgdOrj3HCADr_TJA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 125ms
123ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a52c7dbdb39b9e8dcc330df208cba3fc9d43e3476136d9ef1c680deacdea652a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51325
x-xss-protection: 0
server: cafe
etag: 17081863673897441905
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 22 Mar 2024 08:12:28 GMT

POST
H2 204 AGSKWxU6LTDzUJHLninPJpFJQ0RQLrALJBAUubV8tsNp757hmBVwlrbvk7vO7-1_wYXIZScxhuoo5bf4LQNtTJDyRwLuuFa3KPq4X8VYzvA7N2vUbjr_qTzSe9W8IxylJAaTnxcjA-hQNA== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 712ms
30ms XHR
text/html 142.251.175.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6LTDzUJHLninPJpFJQ0RQLrALJBAUubV8tsNp757hmBVwlrbvk7vO7-1_wYXIZScxhuoo5bf4LQNtTJDyRwLuuFa3KPq4X8VYzvA7N2vUbjr_qTzSe9W8IxylJAaTnxcjA-hQNA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5YRfZv7TP6eHLaAWa5NydA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zuto.vn/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 08:12:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5YRfZv7TP6eHLaAWa5NydA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1hDgFiIm-Ptry_r2QROvDykDwC_xQzL"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://zuto.vn
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxU6LTDzUJHLninPJpFJQ0RQLrALJBAUubV8tsNp757hmBVwlrbvk7vO7-1_wYXIZScxhuoo5bf4LQNtTJDyRwLuuFa3KPq4X8VYzvA7N2vUbjr_qTzSe9W8IxylJAaTnxcjA-hQNA== Show response
fundingchoicesmessages.google.com/el/ 0
284 B 599ms
44ms XHR
text/html 142.251.175.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6LTDzUJHLninPJpFJQ0RQLrALJBAUubV8tsNp757hmBVwlrbvk7vO7-1_wYXIZScxhuoo5bf4LQNtTJDyRwLuuFa3KPq4X8VYzvA7N2vUbjr_qTzSe9W8IxylJAaTnxcjA-hQNA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ihh90FRBHckRrqZXZpqQtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zuto.vn/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 08:12:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-ihh90FRBHckRrqZXZpqQtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1hDgFiIm-Ptry_r2QROnDhoDAC_ZAyt"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://zuto.vn
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxU6LTDzUJHLninPJpFJQ0RQLrALJBAUubV8tsNp757hmBVwlrbvk7vO7-1_wYXIZScxhuoo5bf4LQNtTJDyRwLuuFa3KPq4X8VYzvA7N2vUbjr_qTzSe9W8IxylJAaTnxcjA-hQNA== Show response
fundingchoicesmessages.google.com/el/ 0
293 B 543ms
41ms XHR
text/html 142.251.175.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6LTDzUJHLninPJpFJQ0RQLrALJBAUubV8tsNp757hmBVwlrbvk7vO7-1_wYXIZScxhuoo5bf4LQNtTJDyRwLuuFa3KPq4X8VYzvA7N2vUbjr_qTzSe9W8IxylJAaTnxcjA-hQNA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZHhKmID1qBBRyqSsNn_zcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zuto.vn/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 08:12:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZHhKmID1qBBRyqSsNn_zcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBiqGV4xtQKxE7pM1hDgFiIm-Ptry_r2QR2dL8wAgDABAyQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zuto.vn
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxU6LTDzUJHLninPJpFJQ0RQLrALJBAUubV8tsNp757hmBVwlrbvk7vO7-1_wYXIZScxhuoo5bf4LQNtTJDyRwLuuFa3KPq4X8VYzvA7N2vUbjr_qTzSe9W8IxylJAaTnxcjA-hQNA== Show response
fundingchoicesmessages.google.com/el/ 0
293 B 544ms
43ms XHR
text/html 142.251.175.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6LTDzUJHLninPJpFJQ0RQLrALJBAUubV8tsNp757hmBVwlrbvk7vO7-1_wYXIZScxhuoo5bf4LQNtTJDyRwLuuFa3KPq4X8VYzvA7N2vUbjr_qTzSe9W8IxylJAaTnxcjA-hQNA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5eVe27YC-Ys9W09mBP3QsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zuto.vn/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 08:12:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5eVe27YC-Ys9W09mBP3QsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1hDgFiIm-Ptry_r2QRm7PxqDAC_xgyp"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zuto.vn
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxW9Eonwqfwai6L6JFm-Z4LAwz1JeKOjGMItCUhi5_4LIT6DdPQsgPSweNjQXhTn7NMeqBAlwb4AP-1gbOYdi5g3hR70V94gnkT1HlybI8gVdn2OvqpsriBGCHKKQ9wfs8Jx-GW5rA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 91ms
91ms Script
application/javascript 142.251.175.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW9Eonwqfwai6L6JFm-Z4LAwz1JeKOjGMItCUhi5_4LIT6DdPQsgPSweNjQXhTn7NMeqBAlwb4AP-1gbOYdi5g3hR70V94gnkT1HlybI8gVdn2OvqpsriBGCHKKQ9wfs8Jx-GW5rA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDk1MTQ4LDU3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8venV0by52bi9jby1haS1oZW4taG8tY3VuZy1lbS1jaHVhLTcxNTMzMSIsbnVsbCxbWzgsIl9IM0NRQVVtVGVRIl0sWzksInpoLUNOIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6efeb807e87ff9ec062ee6aeb3e40f3004504b5218a8ce96be068ac44ad82af7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Rw85HshfrSa6DF4klDfu3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Rw85HshfrSa6DF4klDfu3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTD8ebXl_VsAgt2NS1gAgDrmzG8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxX9bcWdQncY6_IzIBORJ5ce8qC-5YrQUQijRv2OGwJ710EZa4pBao0Uf5Bk2VQav-dxpKM-gpAmHDqtPVcz9DjJMd-YfH4e2eF-SLbsm3pmar3G-QAx0uYpLMScYO5JEU76QUyl2A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 55ms
55ms Script
application/javascript 142.251.175.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX9bcWdQncY6_IzIBORJ5ce8qC-5YrQUQijRv2OGwJ710EZa4pBao0Uf5Bk2VQav-dxpKM-gpAmHDqtPVcz9DjJMd-YfH4e2eF-SLbsm3pmar3G-QAx0uYpLMScYO5JEU76QUyl2A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDk1MTQ4LDY3MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiemgtQ04iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly96dXRvLnZuL2NvLWFpLWhlbi1oby1jdW5nLWVtLWNodWEtNzE1MzMxIixudWxsLFtbOCwiX0gzQ1FBVW1UZVEiXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab24701ebc3d79bd73a66ca28ccb53370eeb958fda9a6aeabd4dfa92286721f3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gR8jnV_qdEPFSKVxvKUt1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://zuto.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gR8jnV_qdEPFSKVxvKUt1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTD8ebXl_VsAh1Hn15iAgDrFDJA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxXyh1amOOYQ7jhEukjtRiKKKhdQe4vmCWubW9iMdUa3v2x2zRDsGznXJ2jR5VmD1DEYiH0VA3ew0jIVNZz0Z6zQFpFTk62QnxGuBZkNTFLkI-vyYYn2nLRleOCSCxzWsw_1uEBWhQ== Show response
fundingchoicesmessages.google.com/el/ 0
284 B 386ms
42ms XHR
text/html 142.251.175.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXyh1amOOYQ7jhEukjtRiKKKhdQe4vmCWubW9iMdUa3v2x2zRDsGznXJ2jR5VmD1DEYiH0VA3ew0jIVNZz0Z6zQFpFTk62QnxGuBZkNTFLkI-vyYYn2nLRleOCSCxzWsw_1uEBWhQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-28xM7gb0OwCPWjSRU1i4Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zuto.vn/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 08:12:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-28xM7gb0OwCPWjSRU1i4Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0pBiqGV4xtQKxE7pM1hDgFiIm-Ptry_r2QRmHDhjBAC-wgyA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zuto.vn
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxU6LTDzUJHLninPJpFJQ0RQLrALJBAUubV8tsNp757hmBVwlrbvk7vO7-1_wYXIZScxhuoo5bf4LQNtTJDyRwLuuFa3KPq4X8VYzvA7N2vUbjr_qTzSe9W8IxylJAaTnxcjA-hQNA== Show response
fundingchoicesmessages.google.com/el/ 0
293 B 386ms
43ms XHR
text/html 142.251.175.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6LTDzUJHLninPJpFJQ0RQLrALJBAUubV8tsNp757hmBVwlrbvk7vO7-1_wYXIZScxhuoo5bf4LQNtTJDyRwLuuFa3KPq4X8VYzvA7N2vUbjr_qTzSe9W8IxylJAaTnxcjA-hQNA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G51BqF5Klc_4DC-NC4jwlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zuto.vn/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 08:12:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G51BqF5Klc_4DC-NC4jwlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1ZBiqGV4xtQKxE7pM1hDgFiIm-Ptry_r2QQOXNxoDAC_wwyi"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://zuto.vn
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1FDD 42 B
174 B 69ms
68ms Fetch
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpuYoUUvDfx0wUG3Co-rBB-ZolDrYUy_rnlsB_3rsJDC0tSvxu2inHAQnBGt9YNyO2BppDD7trLQm40RJWcKFAFaYlUGugVS1vF6g9jzkwpznRlTvajGffOjDdI1tDwO5OwkOP6d9uHZfqEIKjkYxOEPAJYirjP7Q&sai=AMfl-YSsm5RcVlfT9zIFYJtxw7LikxY1bqLO5Edx30fr52M_v_ZvUaAdmd25P8mEdqkTMDMU1uAp9I8G57-hsUNWnfqFElLO7oCKIfaEq3UZK3nJxJocyzRrVOZx1VHuAGrFRt9VRkenXaBZhBwzmg8i&sig=Cg0ArKJSzAYLRh-G93cxEAE&cid=CAQSTgB7FLtqwaR5NFiOBSjiMZjkF8KiOFW2-0PkJcnJf93bQq5k9PBXQsnp-6Sdxq7yiN69Ed-eb77RiW1XsziNpcKvrtnBLctH9YiJaaqNUBgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3124269753&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=702794700&rst=1711095146257&rpt=1490&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6884082cc4fc1ac5806bf0ebbba52a9f.js Show response
s0.2mdn.net/sadbundle/100743113437237494/ Frame 4816 77 KB
23 KB 30ms
30ms Script
application/x-javascript 64.233.170.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/100743113437237494/6884082cc4fc1ac5806bf0ebbba52a9f.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/100743113437237494/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fece1a355115d6e0662ed86ccf752d728955b28bdb5159a4d837bd4756625c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/100743113437237494/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 22 Mar 2025 01:33:26 GMT
date: Fri, 22 Mar 2024 01:33:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23328
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 15:23:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 css
fonts.googleapis.com/ Frame 4816 4 KB
1 KB 434ms
46ms Stylesheet
text/css 64.233.170.95

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:600|Roboto:500

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/100743113437237494/6884082cc4fc1ac5806bf0ebbba52a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

afb9d183c4ef908bf2223a374849b048b3e5772aa7c62a22c7e59c58d1e3b2c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Mar 2024 08:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 08:09:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Mar 2024 08:12:29 GMT

GET
H2 200 fe2efcf3e5e5f2fee6ffc35d0bb2e327.jpg
s0.2mdn.net/sadbundle/100743113437237494/media/ Frame 4816 46 KB
47 KB 39ms
38ms Image
image/jpeg 64.233.170.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/100743113437237494/media/fe2efcf3e5e5f2fee6ffc35d0bb2e327.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/100743113437237494/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eafa4c42bb480183e6cd2b705bd043e48650e1185ae9aa2162e268b9e1845f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/100743113437237494/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 22 Mar 2025 04:11:46 GMT
date: Fri, 22 Mar 2024 04:11:46 GMT
x-content-type-options: nosniff
age: 14442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47558
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 15:23:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 380a5bbd8cee2cd936cc42d9c514e65e.svg
s0.2mdn.net/sadbundle/100743113437237494/media/ Frame 4816 12 KB
3 KB 55ms
54ms Image
image/svg+xml 64.233.170.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/100743113437237494/media/380a5bbd8cee2cd936cc42d9c514e65e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/100743113437237494/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71abc618bec8fcca3122b487e715c19f0dca2af754f18423aa526713856b6a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/100743113437237494/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 22 Mar 2025 01:06:25 GMT
date: Fri, 22 Mar 2024 01:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25563
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 15:23:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/603273f8/compiled/ Frame 1FDD 465 KB
111 KB 193ms
53ms Script
application/javascript 18.155.68.104

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/603273f8/compiled/web.js?v=26-b074cc3345&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/d54876ed/web.js?&accountId=afa4a86e&clickUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF2VPaj39ZZbDJLCk9fwP7IOTCKXj-Y522JXlrt8S8C4QASCW84YiYL8FoAGz9YbPKsgBCagDAcgDmwSqBIwCT9AzS341gYE94uR_71PUwSRAu73_tFE0VDkb9Id3cz84nr0LSCtEC-6nXU1AFKzynOTk3u4BLeYvGQe4YF3QQMarQsk8jg3Dupnl7KV_FR-4HZfPjStOYNsiGiVQbZfGus1dYUNIrJG0lNEXldWRSi9iCNRDzoqeZ28ZFWjpbgPb6KMujY--9XneA6xcuzaB0Aad9BNMrQ4G_0RKSF-0kaggP_1A_dOQvwKGGdYrMVX_DGuDxRZdGA-zeneHXeU4GRXFqBTIwocPPQkhO3BaQSOvyliywLN6WrFWTLICkZ87SRFUyr89cI5DoJVDaL6c2dsE7rtZDCDOBnvRFx_k7pnovcXW9XPUyBqQYcAEgZHY1dgE4AQDiAXZ07OZTpAGAaAGTYAHs63XrgWoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WLT7jpO2h4UDgAoBmAsByAsBgAwBqg0CU0ewE5D8-BbQEwDYEwrYFAHQFQH4FgGAFwHoFwGyGAkSAsFPGE0iAQA%26ae%3D1%26num%3D1%26cid%3DCAQSTgB7FLtqwaR5NFiOBSjiMZjkF8KiOFW2-0PkJcnJf93bQq5k9PBXQsnp-6Sdxq7yiN69Ed-eb77RiW1XsziNpcKvrtnBLctH9YiJaaqNUBgB%26sig%3DAOD64_2armUzu3_mx0hJ7sFZ_mEH3FEEnw%26client%3Dca-pub-1331499336525420%26dbm_c%3DAKAmf-Byf20SDsyyZX80RPiF3KpqPQJucr1VanX-azvkneSRUDBmMke1G6r3yLoeryWzFZ6Z5zPgkgzXwbydPCZgTo3E-dUlS4GWZjpF86hKhC1_WZ8_BQADxFpll9k9x8M8Cq9WBKHoIReEcSIQX5UnDJrC2-a_YjZzpGj_ZJAPqnihdOX7lL4q5PsuiO6ZscwsVm0uD3_nFjPGy90QhUZLrHcDUcM_BCY4uY1xNfFVsEmFjPKByzs%26cry%3D1%26dbm_d%3DAKAmf-DfcvuJeQPH6X_kUU2JrUMtwjriiCw9mC9oONvR_EuAT1bWUKxF3QU5Ka6QUXWCgn1T0Rm5u5AjeAkn_1qxLxL8MwNpDzdiydzNRh1F9zsoF2Nysf6DrroZI55bTbsoPrj8xhpmNAdlzlcvAmuK6HHZyGDkAECcM1RBn7b8zU_XpipJEkal_vBqFoNYRx4_fYZCGF_LqCPekChYaJNwxkjHHs9sUSy_dZ5lt-5iy_w2binlT38V0k3U4a14vhoWf5R4rmYBBQrwdv1dQaimvFtKLYe0LFisrxsy5ECUy3mscH5Wn-d8c8EdfWiNj3DRlyx_drPETOu3XCxOEOnfV3Pk3f3b-D4kM6AbXjxgB89akgvBA_CCo0myrKWpbegdHbkYqdioNNTMtZecdypit5mawV4qPhq2uYGuFFNtv5aIWzfaeHKc_3ptFKry5jIlPLNU5e32NpzSCkV0KB_a4IC3jQ42QdgOOnIv8rXTJqHcrnO2cOXq4RVfwTJwFNB41cVHkTzkyfjxTHBxOsmniFNV2znQQYCRV0kezNSFtcNX42pqBoIPxlXPYo6oIhdP70TBjHhW9QnooPiJEg00xaRmCmpOJKTR7j1sdl3F4WnNMsSEDwFU3oaEvuoF7PgISbqU3tjg-98neWd1L2qKEEfmlxvOSA%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=GoogleDV360&tagVersion=html-standard-7&track.adLoading=https%3A%2F%2Fpixel.ad.lifesight.io%2Fpixel%2Fevent%2FKY0LPL%3Fevent%3DRENDER%26channel%3Ddv360%26cv%3D%5Bcv%5D%26cachebuster%3D1711095146598422%26cid%3D20991240665%26crid%3D555992010%26db_redirect%3DNO%26app%3Dhttps%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&eas.JHtDUkVBVElWRV9JRH0%253D=555992010&eas.JHtEQ19EQk1fVE9LRU59=ALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQI2dOzmU6oApv62uMFsAKx84bkA0AB0gIqGAAiEwiWoI-TtoeFAxUwUp0JHezBBAEoATABONiV5a7fEkACSAFYiIEgEMqHj4kCCbhdyZoP_afMrc9ksLIiig&externalCreativeId=555992010&externalSiteId=2206433262224&externalSiteName=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&externalSupplierId=1&externalCampaignId=20991240665&externalSessionId=ABAjH0hW9yvCbvQ7OeIsijFgr8ld&externalBundleId=&dbmExchangeID=1&externalAudienceIds=&dbmPixelIdComma=&externalLineItemId=20991240665&scriptId=celtra-script-1&clientTimestamp=1711095147.709&clientTimeZoneOffsetInMinutes=-480&hostPageLoadId=9674460861247842
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: c01d5587a0fa0d343a38afc2ee087d7d7059a6bcf4c5b6bd0650ec8a0fce2c51

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 07:18:45 GMT
content-encoding: gzip
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 3223
x-cache: Hit from cloudfront
content-length: 113456
server: Apache
etag: "9eaf2cdada52e0b6d1109e25f425f1ec45b9b30e252c2a401d9bf14b2554aa7a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
x-amz-cf-id: ZjMBCNf9Em8oc7gFJIr-4A7HhQtHYr18njFXANe0hf3GEn6KGC7QRQ==

GET
H2 200 KY0LPL
pixel.ad.lifesight.io/pixel/event/ Frame 1FDD 67 B
303 B 92ms
22ms Image
image/png 34.96.105.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.ad.lifesight.io/pixel/event/KY0LPL?event=RENDER&channel=dv360&cv=[cv]&cachebuster=${CACHEBUSTER}&cid=${CAMPAIGN_ID}&crid=555992010&db_redirect=NO&app=${SOURCE_URL_ENC}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.15 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:28 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85
content-type: image/png

GET
H2 200 KY0LPL
pixel.ad.lifesight.io/pixel/event/ Frame 1FDD 67 B
234 B 92ms
23ms Image
image/png 34.96.105.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.ad.lifesight.io/pixel/event/KY0LPL?event=RENDER&channel=dv360&cv=[cv]&cachebuster=1711095146598422&cid=20991240665&crid=555992010&db_redirect=NO&app=https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.15 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:28 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85
content-type: image/png

GET
DATA 200
OK truncated
/ Frame 1FDD 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK fe0da92c-36d8-4499-9fc6-3a95d2e2fa09
https://googleads.g.doubleclick.net/ Frame 1FDD 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://googleads.g.doubleclick.net/fe0da92c-36d8-4499-9fc6-3a95d2e2fa09
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzExMDk1MTQ4eGQ2NWEwZWU0YjMxZDA4eDE0MzgxNTI2IiwiYWNjb3VudElkIjoiYWZhNGE4NmUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MTkwNzgzMjczNTY5Nzc5IiwiaW5kZXgiO...
track.celtra.com/json/ Frame 1FDD 35 B
242 B 1093ms
250ms Image
image/gif 54.205.132.147

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzExMDk1MTQ4eGQ2NWEwZWU0YjMxZDA4eDE0MzgxNTI2IiwiYWNjb3VudElkIjoiYWZhNGE4NmUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MTkwNzgzMjczNTY5Nzc5IiwiaW5kZXgiOjAsImNsaWVudFRpbWVzdGFtcCI6MTcxMTA5NTE0OS4wNzksIm5hbWUiOiJ1c2VyRXJyb3IiLCJ1c2VyRXJyb3JJZCI6Im5vbkZyaWVuZGx5SUZyYW1lIn1dfQ==?crc32c=2045491231
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.132.147 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 22 Mar 2024 08:12:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A5B8 42 B
108 B 76ms
75ms Fetch
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjnGhzvLaGw4WZEegeQs-B9EhxxtFlUwGmKpAkb5B_0itEvIBTOu3ZPW-y2LJrgKDJcy1jzgld6soEsvnW3evOo7-t2Env6CCax0SOeXE4MvNiW7hjwGmGAZFoyY6IiWpTpEhe7BkI-6aEyWd6Rg4BWo59RwcM6ww&sai=AMfl-YRmNWZZG6wZ2xHKN88Dgnv1N6WqkhtCTPnqw1huPch9BShmbrZr-a_i1N_ZipFLwugUhN6L7ip_5MaSdYDkQbdc9g9VUVmFk_dwEXsIA25BGtLroQocnTgma7ANnyC7Nw7WQFPIuq6yww_n5ljq&sig=Cg0ArKJSzKtuDRKqM0nYEAE&cid=CAQSTgB7FLtqC8Mkymh7AyhJjfczr-77Ne5olo23CbYbQaK4zmc3myyyyPG7t35hKj2vzIgm2r8lRKspvOtp4Yv3ML2bD2ftr923BCpjDzyAeBgB&id=lidar2&mcvt=1028&p=0,259,40,300&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2390998479&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=702794700&rst=1711095146269&rpt=1446&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 08:12:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4.png
cache-ssl.celtra.com/api/blobs/96586f62525d230255b83a4be8da135ebb7234c2a7dc9cfe6c2f97fbcfdf42b9/ Frame 479C 4 KB
5 KB 26ms
24ms Image
image/png 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/96586f62525d230255b83a4be8da135ebb7234c2a7dc9cfe6c2f97fbcfdf42b9/4.png?transform=crush&quality=256
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 99c8c9888f0f991445f9024eb1a32caa92b277d056b001eb33282cfd56df7500

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:45 GMT
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 2095063
etag: "99c8c9888f0f991445f9024eb1a32caa92b277d056b001eb33282cfd56df7500"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 4162
x-amz-cf-id: dXzzPdmjdWKYzyb3iauCkJ7hUKHYM30Ywhpkh2h4H9NP1jNdVWUQKQ==

GET
H2 200 3.png
cache-ssl.celtra.com/api/blobs/6a2701bfb6fa2a1ce8791da90913d440ee0378ccdfcb75334bcfc6e884ea461a/ Frame 479C 4 KB
4 KB 27ms
25ms Image
image/png 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/6a2701bfb6fa2a1ce8791da90913d440ee0378ccdfcb75334bcfc6e884ea461a/3.png?transform=crush&quality=256
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: af5663a77d239bfbbd9b8ed220d67d5c597065240831c286a0497287888a722b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:45 GMT
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 2095063
etag: "af5663a77d239bfbbd9b8ed220d67d5c597065240831c286a0497287888a722b"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 3606
x-amz-cf-id: 33Uqo0a_vVy25qkpl4BteWqYp0nQjH7btfXGT0SK2vkiExW2SJbRrQ==

GET
H2 200 2.png
cache-ssl.celtra.com/api/blobs/d0a0be84b642e0cbfb839f367ea280fb7f23afc028905a7248fb89053cf97b57/ Frame 479C 4 KB
5 KB 27ms
26ms Image
image/png 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/d0a0be84b642e0cbfb839f367ea280fb7f23afc028905a7248fb89053cf97b57/2.png?transform=crush&quality=256
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 5ab9835f30e97f52979af0310156c1f101957698f11a081cca7fc99acf412ee4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:45 GMT
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 2095064
etag: "5ab9835f30e97f52979af0310156c1f101957698f11a081cca7fc99acf412ee4"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 4252
x-amz-cf-id: 0ucg2pRmuZYEC6LnAERCSL_L22D1SykdQXWkPtoi2KLWYUo1gH3qjg==

GET
H2 200 5.png
cache-ssl.celtra.com/api/blobs/28773e419cf8205e24304dc2ff6a009c7e9d08a002f2c3c9fe5f7da16e7dad3e/ Frame 479C 3 KB
3 KB 41ms
40ms Image
image/png 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/28773e419cf8205e24304dc2ff6a009c7e9d08a002f2c3c9fe5f7da16e7dad3e/5.png?transform=crush&quality=256
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 2dbdac2f7d9916abe3f84f7b0728ae1b4e9e5826702382907762f43f4d847384

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:57:18 GMT
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 4947310
etag: "2dbdac2f7d9916abe3f84f7b0728ae1b4e9e5826702382907762f43f4d847384"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 3024
x-amz-cf-id: ZPuL6QYWhQwLCMQPljhk86TyjlYDZjiAFH4rZ5Ohz_sf2wYFKLH_NQ==

GET
H2 200 5_2.png
cache-ssl.celtra.com/api/blobs/22f22bdae01f9dcd9b79cc5a59a390be58cc7e4b60da61e33e0305101cd8ec76/ Frame 479C 2 KB
2 KB 41ms
40ms Image
image/png 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/22f22bdae01f9dcd9b79cc5a59a390be58cc7e4b60da61e33e0305101cd8ec76/5_2.png?transform=crush&quality=256
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: d8965b9f1c7a92588348e4cbe6b60315f3857e73ca7c414d3e736f10efb85a3d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 04:33:25 GMT
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 4937944
etag: "d8965b9f1c7a92588348e4cbe6b60315f3857e73ca7c414d3e736f10efb85a3d"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 1717
x-amz-cf-id: pVqY4ysVMiZB0xolt4CgFL10ULiD22oPhwG_xOaE93386cdE8lX_ug==

GET
H2 200 1.jpg
cache-ssl.celtra.com/api/blobs/9524ffea3448f1e9a61c6a88810346f491ab0c31bc79739199b0e31a5a18db87/ Frame 479C 89 KB
89 KB 41ms
41ms Image
image/jpeg 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9524ffea3448f1e9a61c6a88810346f491ab0c31bc79739199b0e31a5a18db87/1.jpg?transform=crush&quality=85
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: dc21200fbedd62b2209cff6ce49efbb91b9ff014b9621eccaee618011c41b9b5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:45 GMT
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 2095063
etag: "dc21200fbedd62b2209cff6ce49efbb91b9ff014b9621eccaee618011c41b9b5"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 90923
x-amz-cf-id: l4FjO3W7yri_1Y9mSl7UCOt8j8BB8AnlSFLp3fqn5y6_oWFdZbf6vA==

GET
H2 200 close-up.svg
cache-ssl.celtra.com/api/static/vb074cc3345/runner/clazzes/CreativeUnit/ Frame 1FDD 1 KB
998 B 31ms
30ms Image
image/svg+xml 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/static/vb074cc3345/runner/clazzes/CreativeUnit/close-up.svg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: d350cd3c1e1805977e3c9cd865c588fb33f853d94e07e59530a5417bcbd2245b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 07:18:37 GMT
content-encoding: br
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 3231
etag: W/"d350cd3c1e1805977e3c9cd865c588fb33f853d94e07e59530a5417bcbd2245b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: focd4NMqO3WKEAyqFLngoxE0vK9tm-7RhDUTsBUKmiU7gKFGZYRErQ==

GET
H2 200 close-down.svg
cache-ssl.celtra.com/api/static/vb074cc3345/runner/clazzes/CreativeUnit/ Frame 1FDD 1 KB
1 KB 31ms
31ms Image
image/svg+xml 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/static/vb074cc3345/runner/clazzes/CreativeUnit/close-down.svg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 93810046cf5293dcb79678f9e2301587886e4944044b113f03429b5650ef02c0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 07:18:37 GMT
content-encoding: br
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 3231
etag: W/"93810046cf5293dcb79678f9e2301587886e4944044b113f03429b5650ef02c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: lY6F_MUtHy_tiyT3L-gBGIAKL6wSOH32S2CP9xEvKhPeqAjxTzNVNg==

GET eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzExMDk1MTQ4eGQ2NWEwZWU0YjMxZDA4eDE0MzgxNTI2IiwiYWNjb3VudElkIjoiYWZhNGE4NmUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MTkwNzgzMjczNTY5Nzc5IiwiaW5kZXgiO...
track.celtra.com/json/ Frame 1FDD 0
0

GET
H2 200 7.png
cache-ssl.celtra.com/api/blobs/e4625aa36f08b2c86b4d9dfdde977a017755a9e11f0c8ffdd7e5c9b78210f4ed/ Frame 479C 5 KB
5 KB 33ms
33ms Image
image/png 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e4625aa36f08b2c86b4d9dfdde977a017755a9e11f0c8ffdd7e5c9b78210f4ed/7.png?transform=crush
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: f697dee91b56172e50c277300839639741e3c6fa58855b7270e98f22b2b2613f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:46 GMT
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 2095061
etag: "f697dee91b56172e50c277300839639741e3c6fa58855b7270e98f22b2b2613f"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 4742
x-amz-cf-id: dEL-zbUUTaCSApWvxaxbz9VIL90r9VSAUkVCOJ6LcVkH2yOtQunu7Q==

GET
H2 200 5.png
cache-ssl.celtra.com/api/blobs/28773e419cf8205e24304dc2ff6a009c7e9d08a002f2c3c9fe5f7da16e7dad3e/ Frame 479C 3 KB
3 KB 33ms
32ms Image
image/png 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/28773e419cf8205e24304dc2ff6a009c7e9d08a002f2c3c9fe5f7da16e7dad3e/5.png?transform=crush&quality=256
Requested by: Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 2dbdac2f7d9916abe3f84f7b0728ae1b4e9e5826702382907762f43f4d847384

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:57:18 GMT
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 4947310
etag: "2dbdac2f7d9916abe3f84f7b0728ae1b4e9e5826702382907762f43f4d847384"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 3024
x-amz-cf-id: er1MVEKZ0K3Pi_WbFNMwI9p4NhkyiWx64QRJv9fTZb078PF2Tgjb7Q==

GET
H2 200 5_2.png
cache-ssl.celtra.com/api/blobs/22f22bdae01f9dcd9b79cc5a59a390be58cc7e4b60da61e33e0305101cd8ec76/ Frame 479C 2 KB
2 KB 33ms
33ms Image
image/png 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/22f22bdae01f9dcd9b79cc5a59a390be58cc7e4b60da61e33e0305101cd8ec76/5_2.png?transform=crush&quality=256
Requested by: Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: d8965b9f1c7a92588348e4cbe6b60315f3857e73ca7c414d3e736f10efb85a3d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 04:33:25 GMT
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 4937944
etag: "d8965b9f1c7a92588348e4cbe6b60315f3857e73ca7c414d3e736f10efb85a3d"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 1717
x-amz-cf-id: 9paTb8XuTWZXcKL1Pcw8yuTAwpx2hC1JnD4Z7L7MhG44h8j82TRyVQ==

GET
H2 200 6.jpg
cache-ssl.celtra.com/api/blobs/d147659620c9451373de3feb59dbfe4bbb1f3c67f008d27b96663b51614eda65/ Frame 479C 103 KB
104 KB 41ms
41ms Image
image/jpeg 18.155.68.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/d147659620c9451373de3feb59dbfe4bbb1f3c67f008d27b96663b51614eda65/6.jpg?transform=crush&quality=85
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331499336525420&output=html&h=250&slotname=9920468188&adk=3124269753&adf=3522911267&pi=t.ma~as.9920468188&w=300&lmt=1711095146&format=300x250&url=https%3A%2F%2Fzuto.vn%2Fco-ai-hen-ho-cung-em-chua-715331&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711095145765&bpp=1&bdt=493&idt=487&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C600x280&nras=1&correlator=5877292326192&frm=20&pv=1&ga_vid=1197117489.1711095146&ga_sid=1711095146&ga_hid=2136340757&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081904%2C42532523%2C44795921%2C95320376%2C95322397%2C95326915&oid=2&pvsid=4128295321643826&tmod=863520003&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.104 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: f8bb2eb1a2b55e1ca32a83b45af16759020cae23e1a0f5ef599b256fcc032163

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:46 GMT
via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN52-P1
age: 2095061
etag: "f8bb2eb1a2b55e1ca32a83b45af16759020cae23e1a0f5ef599b256fcc032163"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 105414
x-amz-cf-id: FHBOnl61P-JJbQDJ1Vd6SvbsANiN1P7eTjjXwTbL_As2AQeTXADz8g==

GET
H2 200 pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4GCC5Xs1Ul.woff2
fonts.gstatic.com/s/nunitosans/v15/ Frame 4816 14 KB
14 KB 405ms
44ms Font
font/woff2 74.125.24.94

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4GCC5Xs1Ul.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:600|Roboto:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9611a420facfd17cf053837609dd74d98380a7f615fb4961b6cc27105978b53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:52:44 GMT
x-content-type-options: nosniff
age: 112785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14048
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:26:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 00:52:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4816 16 KB
16 KB 404ms
43ms Font
font/woff2 74.125.24.94

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:600|Roboto:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:37:52 GMT
x-content-type-options: nosniff
age: 113677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 00:37:52 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A5B8 0
0 84ms
83ms Fetch
image/gif 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuT2-_j_RkuC1DM75KAjgDDBj93AAi0Mw6X4lcv538qv-Sg_ewMWrl2OHAkKQOHtIh79zPV4IK8x-bfRTx1dcilKhqJJqBASpEJFcBw13ZYE3IVR84D1Z56ZH3HKUIgaFPQY8wpP5wf0I3ilpiEif46QmCfOSzSqeQfUAuf6WuKXn7M40LzRm24P3K0TlcIBkHHGWqO4vUoxpAfnhkK9MONboI8Gv7hZ7vrGkxc-1qBtS0i5ZU-3vfSp8DYqmSL88CN018ilVA46hiuF3PhARDBfNg_M2xmSA7Uls6DXOIjEEBrTbBppGw0Ax9YZQ9HR2-pPNHjWgpu1qo0akivLCaNJHQx1SAorMFGqVe-5U2bY_PS_kIVO1KwVD83ny2mFAOYjw42sph4rUdo6aQWTpJ35xv9UeSRs96SzAJavtZO5Qdj4YTTDEXpKyyGVgS4EBxuHjNo-NjrxW1eT-dhxEfoFufpN8XDS48rmEye6EySlaLS4v4F2ALBSM5JSRGXFieEwuXYpHLPElA3SngjrId4sFk3d7Rz93ixLs7m_YWfuthjY6l7IG3mlg5nMiz3N9mp_5g8zfXIB19rd-rF4TsiwpoX0XSW_LzgLiGFgB0MeUJKkgT1WlzGd3EXGhxLJ8_XF_tyNZWL3uhnmsUF565UoDNxtBRVuWgNqdogogDmjNyP3nbV_Ni8tiwh-QliNptDsFiJ1XlgAhQGsuweCfxePVHwTq0T2TjbpUkXN7o2jTy6cGN7IDhj95WlrnSEphqTjKqymBlBQK04fZr7YSslk3eZ8CUjSe7Q-VXXC5dx0mQOdslTfsZ7zZA030TVGBKy827Yy6gJrgeTgBDgu2WhcLUaPaaaZt1tSWa88VVTuJCIArXWArnTDf8vDwR_eukKNxa_g_jll2eW36MNQ2LO3CffyHWYXj5bSPIMmfx8QMhl0A2IyYhrccY_v00drhgd0SrGjOdL5pBzlwaQHCC-VnlB-lyZ8PEpuBSJW4pJrfhVsoe_RvxfWrzqzi5u48dieS-M01vJ_0AgOjIRwCZSEMaGcMNbPRzvBHOUdgs85IqLG-HKR50OR1F7fr_dLJo3Zxs09q0uhE6aWZosrS-SfWhA5VTRzE5zuL735fnFYbmNu2A8D-zOxTNeWko34q9ctjaWxWw-jLPDQH6PjqI1mmV1ovGnxw4nuEpz1V-se-EAu18xZhm9vB_uRbyqk9bD2Mzv-ncUoBrmfa74M-2MkGEhLeKgThTRtyikYKbpbgiLd5f10I63-1BT3ED00N1KlexJtJXDOj2zq5maoeICAaQxIheFDCrTRvdpHUhEYa3bY5qMEJrxTEk7bZVePxI1ynKlT9EuYNJmg8Xj8lS027PwY5FwPTCpzkY9Qg&sai=AMfl-YQYuvqsADDK6zHyQlclMk9YiMeWbALdNo2ODcgDbaAafcdMm40lZGw9TkxjQxdv5S2tgOf1_iBqlDORvsLkuT3u8d3jBJsPkgKsHnzMICOH7x0I0pE9SYi_UZ3tIySADSXnLA7kSKSkP0R9WzNXZ-wyepLEigWLSjedXNwpa_WC6z4MWBOMQICgqb-bStBYbMSqbE5a7iZEqpk2mw8Wp3-4f8-stq6ZBNK0R4TVl0d-DV9BAV5EhqSIxRnMRsGRJV4hMAiHTRuyY2bmftmAvaSgB0hRZfAQaZlysw&sig=Cg0ArKJSzGnEjIaNZq21EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2091&vt=11&dtpt=1608&dett=3&cstd=479&cisv=r20240320.54269&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:12:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Mar 2024 08:12:29 GMT

GET
H2 200 380a5bbd8cee2cd936cc42d9c514e65e.svg
s0.2mdn.net/sadbundle/100743113437237494/media/ Frame 4816 12 KB
3 KB 30ms
29ms Image
image/svg+xml 64.233.170.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/100743113437237494/media/380a5bbd8cee2cd936cc42d9c514e65e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/100743113437237494/6884082cc4fc1ac5806bf0ebbba52a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71abc618bec8fcca3122b487e715c19f0dca2af754f18423aa526713856b6a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/100743113437237494/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 22 Mar 2025 01:06:25 GMT
date: Fri, 22 Mar 2024 01:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25564
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 15:23:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 fe2efcf3e5e5f2fee6ffc35d0bb2e327.jpg
s0.2mdn.net/sadbundle/100743113437237494/media/ Frame 4816 46 KB
47 KB 44ms
44ms Image
image/jpeg 64.233.170.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/100743113437237494/media/fe2efcf3e5e5f2fee6ffc35d0bb2e327.jpg

Requested by

Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eafa4c42bb480183e6cd2b705bd043e48650e1185ae9aa2162e268b9e1845f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/100743113437237494/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 22 Mar 2025 04:11:46 GMT
date: Fri, 22 Mar 2024 04:11:46 GMT
x-content-type-options: nosniff
age: 14443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47558
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 15:23:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 7d0e990ef6eb0b7cfa888cb45b6e2b99.jpg
s0.2mdn.net/sadbundle/100743113437237494/media/ Frame 4816 57 KB
57 KB 61ms
61ms Image
image/jpeg 64.233.170.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/100743113437237494/media/7d0e990ef6eb0b7cfa888cb45b6e2b99.jpg

Requested by

Host: zuto.vn
URL: https://zuto.vn/co-ai-hen-ho-cung-em-chua-715331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS